diff --git a/src/xmpp/client.go b/src/xmpp/client.go
index 8cc20d3..ed5277c 100644
--- a/src/xmpp/client.go
+++ b/src/xmpp/client.go
@@ -41,8 +41,8 @@ func NewClientXMPP(jid JID, password string, config *ClientConfig) (*XMPP, error
 // TLS?
 if f.StartTLS != nil && (f.StartTLS.Required != nil || !config.NoTLS) {
- tlsConfig := tls.Config{InsecureSkipVerify: config.InsecureSkipVerify}
- if err := stream.UpgradeTLS(&tlsConfig); err != nil {
+ log.Println("Start TLS")
+ if err := startTLS(stream, config); err != nil {
 return nil, err
 }
 continue // Restart
@@ -96,6 +96,29 @@ func startClient(stream *Stream, jid JID) error {
 return nil
 }
+func startTLS(stream *Stream, config *ClientConfig) error {
+
+ if err := stream.Send(&tlsStart{}); err != nil {
+ return err
+ }
+
+ p := tlsProceed{}
+ if err := stream.Decode(&p); err != nil {
+ return err
+ }
+
+ tlsConfig := tls.Config{InsecureSkipVerify: config.InsecureSkipVerify}
+ return stream.UpgradeTLS(&tlsConfig)
+}
+
+type tlsStart struct {
+ XMLName xml.Name `xml:"urn:ietf:params:xml:ns:xmpp-tls starttls"`
+}
+
+type tlsProceed struct {
+ XMLName xml.Name `xml:"urn:ietf:params:xml:ns:xmpp-tls proceed"`
+}
+
 func authenticate(stream *Stream, mechanisms []string, user, password string) error {
 log.Println("authenticate, mechanisms=", mechanisms)
diff --git a/src/xmpp/stream.go b/src/xmpp/stream.go
index 99253cb..a661b5c 100644
--- a/src/xmpp/stream.go
+++ b/src/xmpp/stream.go
@@ -42,17 +42,6 @@ func NewStream(addr string) (*Stream, error) {
 // Upgrade the stream's underlying net conncetion to TLS.
 func (stream *Stream) UpgradeTLS(config *tls.Config) error {
- log.Println("Upgrading to TLS")
-
- if err := stream.Send(&tlsStart{}); err != nil {
- return err
- }
-
- p := tlsProceed{}
- if err := stream.Decode(&p); err != nil {
- return err
- }
-
 conn := tls.Client(stream.conn, &tls.Config{InsecureSkipVerify: true})
 if err := conn.Handshake(); err != nil {
 return err
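Review bot: In NewClientXMPP (client.go, first hunk) the guard `f.StartTLS != nil && (...)` means a feature list without STARTTLS skips `startTLS` and the loop goes on over cleartext, even when `config.NoTLS` is false. Anyone on the network path can remove that advertisement, so unless the caller opted out the client should fail closed rather than fall back. The check needs a flag recording that the upgrade already happened, because after the restart the features legitimately no longer list STARTTLS. Whether code further down the loop already refuses to authenticate without TLS cannot be seen from this hunk.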
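Review bot: The `tls.Config` that the new `startTLS` (client.go, second hunk) builds from `config.InsecureSkipVerify` never reaches the handshake. The unchanged context line in UpgradeTLS (stream.go) still calls `tls.Client(stream.conn, &tls.Config{InsecureSkipVerify: true})`, so certificate verification is off whatever the caller configured. UpgradeTLS should use its argument, `conn := tls.Client(stream.conn, config)`. `startTLS` should then also set `ServerName` to the JID's domain, which it would need as an extra parameter, since without it the certificate cannot be matched against the host. A doc comment on `startTLS` saying that it sends `<starttls/>`, waits for `<proceed/>` and then upgrades the connection would help; the rest of UpgradeTLS lies outside the hunk.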
@@ -135,13 +124,3 @@ func (stream *Stream) Decode(v interface{}) error {
 func (stream *Stream) DecodeElement(v interface{}, start *xml.StartElement) error {
 return stream.dec.DecodeElement(v, start)
 }
-
-type tlsStart struct {
- XMLName xml.Name `xml:"urn:ietf:params:xml:ns:xmpp-tls starttls"`
-}
-
-type tlsProceed struct {
- XMLName xml.Name `xml:"urn:ietf:params:xml:ns:xmpp-tls proceed"`
-}
-
-// BUG(matt): UpgradeTLS shoudln't be doing anything specific to XMPP.