diff --git a/lower-constraints.txt b/lower-constraints.txt
index 49199c393..1e780da09 100644
--- a/lower-constraints.txt
+++ b/lower-constraints.txt
@@ -22,7 +22,7 @@ imagesize==0.7.1
 iso8601==0.1.11
 Jinja2==2.10
 jsonschema==2.6.0
-kazoo==2.2
+kazoo==2.6.0
 keystoneauth1==3.4.0
 kombu==4.0.0
 linecache2==1.0.0
diff --git a/releasenotes/notes/zookeeper-ssl-support-b9abf24a39096b62.yaml b/releasenotes/notes/zookeeper-ssl-support-b9abf24a39096b62.yaml
new file mode 100644
index 000000000..7f7f76fcd
--- /dev/null
+++ b/releasenotes/notes/zookeeper-ssl-support-b9abf24a39096b62.yaml
@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    SSL support for zookeeper backend (kazoo client). Now the following options
+    can be passed to zookeeper config: *keyfile*, *keyfile_password*,
+    *certfile*, *use_ssl*, *verify_certs*.
\ No newline at end of file
diff --git a/setup.cfg b/setup.cfg
index 4d9a7480e..bf98114d9 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -57,7 +57,7 @@ taskflow.engines =
 # NOTE(dhellmann): The entries in this section of the file need to be
 # kept consistent with the entries in test-requirements.txt.
 zookeeper =
-  kazoo>=2.2 # Apache-2.0
+  kazoo>=2.6.0 # Apache-2.0
   zake>=0.1.6 # Apache-2.0
 redis =
   redis>=2.10.0 # MIT
diff --git a/taskflow/utils/kazoo_utils.py b/taskflow/utils/kazoo_utils.py
index 6ff0ce639..2d856bd3f 100644
--- a/taskflow/utils/kazoo_utils.py
+++ b/taskflow/utils/kazoo_utils.py
@@ -175,6 +175,13 @@ def make_client(conf):
     - ``handler``: a kazoo handler object that can be used to provide the
       client with alternate async strategies (the default is `thread`_
       based, but `gevent`_, or `eventlet`_ ones can be provided as needed)
+    - ``keyfile`` : SSL keyfile to use for authentication
+    - ``keyfile_password``: SSL keyfile password
+    -  ``certfile``: SSL certfile to use for authentication
+    - ``ca``: SSL CA file to use for authentication
+    - ``use_ssl``: argument to control whether SSL is used or not
+    - ``verify_certs``: when using SSL, argument to bypass
+        certs verification
 
     .. _client: https://kazoo.readthedocs.io/en/latest/api/client.html
     .. _kazoo: https://kazoo.readthedocs.io/
@@ -191,6 +198,12 @@ def make_client(conf):
         'read_only': bool(conf.get('read_only')),
         'randomize_hosts': bool(conf.get('randomize_hosts')),
         'logger': LOG,
+        'keyfile': conf.get('keyfile', None),
+        'keyfile_password': conf.get('keyfile_password', None),
+        'certfile': conf.get('certfile', None),
+        'use_ssl': conf.get('use_ssl', False),
+        'verify_certs': conf.get('verify_certs', True),
+
     }
     # See: https://kazoo.readthedocs.io/en/latest/api/retry.html
     if 'command_retry' in conf:
diff --git a/test-requirements.txt b/test-requirements.txt
index 7c65a1557..7ad3713ef 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -3,7 +3,7 @@
 # entries need to be kept consistent.
 
 # zookeeper
-kazoo>=2.2 # Apache-2.0
+kazoo>=2.6.0 # Apache-2.0
 zake>=0.1.6 # Apache-2.0
 
 # redis