diff --git a/CMake/FindMbedTLS.cmake b/CMake/FindMbedTLS.cmake
index aa40485c..b6ef63ab 100644
--- a/CMake/FindMbedTLS.cmake
+++ b/CMake/FindMbedTLS.cmake
@@ -1,5 +1,8 @@
 find_path(MBEDTLS_INCLUDE_DIRS mbedtls/ssl.h)
 
+# mbedtls-3.0 changed headers files, and we need to ifdef'out a few things
+find_path(MBEDTLS_VERSION_GREATER_THAN_3 mbedtls/build_info.h)
+
 find_library(MBEDTLS_LIBRARY mbedtls)
 find_library(MBEDX509_LIBRARY mbedx509)
 find_library(MBEDCRYPTO_LIBRARY mbedcrypto)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 87e83aed..72e5ac45 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -195,6 +195,11 @@ if (USE_TLS)
     # This MBEDTLS_FOUND check is to help find a cmake manually configured MbedTLS
     if (NOT MBEDTLS_FOUND)
       find_package(MbedTLS REQUIRED)
+      
+      if (MBEDTLS_VERSION_GREATER_THAN_3)
+        target_compile_definitions(ixwebsocket PRIVATE IXWEBSOCKET_USE_MBED_TLS_MIN_VERSION_3)
+      endif()
+      
     endif()
     target_include_directories(ixwebsocket PUBLIC $<BUILD_INTERFACE:${MBEDTLS_INCLUDE_DIRS}>)
     target_link_libraries(ixwebsocket ${MBEDTLS_LIBRARIES})
diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md
index 737862b3..80d5daa2 100644
--- a/docs/CHANGELOG.md
+++ b/docs/CHANGELOG.md
@@ -2,6 +2,10 @@
 
 All changes to this project will be documented in this file.
 
+## [11.3.1] - 2021-10-22
+
+(library/cmake) Compatible with MbedTLS 3 + fix a bug on Windows where the incorrect remote port is computed (#320)
+
 ## [11.3.0] - 2021-09-20
 
 (library/cmake) Only find OpenSSL, MbedTLS, zlib if they have not already been found, make CMake install optional (#317) + Use GNUInstallDirs in cmake (#318)
diff --git a/ixwebsocket/IXSocketMbedTLS.cpp b/ixwebsocket/IXSocketMbedTLS.cpp
index 85ff16fe..01f8c870 100644
--- a/ixwebsocket/IXSocketMbedTLS.cpp
+++ b/ixwebsocket/IXSocketMbedTLS.cpp
@@ -132,7 +132,11 @@ namespace ix
                 errMsg = "Cannot parse cert file '" + _tlsOptions.certFile + "'";
                 return false;
             }
+#ifdef IXWEBSOCKET_USE_MBED_TLS_MIN_VERSION_3
+            if (mbedtls_pk_parse_keyfile(&_pkey, _tlsOptions.keyFile.c_str(), "", mbedtls_ctr_drbg_random, &_ctr_drbg) < 0)
+#else
             if (mbedtls_pk_parse_keyfile(&_pkey, _tlsOptions.keyFile.c_str(), "") < 0)
+#endif
             {
                 errMsg = "Cannot parse key file '" + _tlsOptions.keyFile + "'";
                 return false;
diff --git a/ixwebsocket/IXSocketMbedTLS.h b/ixwebsocket/IXSocketMbedTLS.h
index 032560b9..9dd73f50 100644
--- a/ixwebsocket/IXSocketMbedTLS.h
+++ b/ixwebsocket/IXSocketMbedTLS.h
@@ -13,7 +13,7 @@
 #include <mbedtls/debug.h>
 #include <mbedtls/entropy.h>
 #include <mbedtls/error.h>
-#include <mbedtls/net.h>
+#include <mbedtls/net_sockets.h>
 #include <mbedtls/platform.h>
 #include <mbedtls/x509.h>
 #include <mbedtls/x509_crt.h>
diff --git a/ixwebsocket/IXWebSocketVersion.h b/ixwebsocket/IXWebSocketVersion.h
index f7aae38c..5c338a7e 100644
--- a/ixwebsocket/IXWebSocketVersion.h
+++ b/ixwebsocket/IXWebSocketVersion.h
@@ -6,4 +6,4 @@
 
 #pragma once
 
-#define IX_WEBSOCKET_VERSION "11.3.0"
+#define IX_WEBSOCKET_VERSION "11.3.1"