diff --git a/inc/context.h b/inc/context.h
index be4ee8b..8200201 100644
--- a/inc/context.h
+++ b/inc/context.h
@@ -3,6 +3,7 @@
 #include <stdint.h>
 #include <stddef.h> /* for offsetof() macro */
 #include <string.h>
+#include <pthread.h>
 #include <civetweb.h>
 #include <openssl/ts.h>
 
@@ -14,12 +15,19 @@
 #define RFC3161_OPTIONS_LEN                                                    \
     sizeof(rfc3161_options) / sizeof(struct rfc3161_option)
 
+typedef struct {
+    TS_RESP_CTX *ts_ctx;
+    bool available;
+    pthread_mutex_t lock;
+} ts_resp_ctx_wrapper;
+
 typedef struct {
     uint64_t query_counter;
     bool stdout_dbg;
     int loglevel;
+    int numthreads;
     const char *http_options[40];
-    TS_RESP_CTX *ts_ctx;
+    ts_resp_ctx_wrapper *ts_ctx_pool;
     CONF *conf;
 } rfc3161_context;
 
@@ -30,7 +38,7 @@ struct rfc3161_option {
 };
 
 static struct rfc3161_option rfc3161_options[] = {
-    {"num_threads", HTTP_OPTIONS, "1"},
+    {"num_threads", HTTP_OPTIONS, "10"},
     {"run_as_user", HTTP_OPTIONS, NULL},
     {"throttle", HTTP_OPTIONS, NULL},
     {"enable_keep_alive", HTTP_OPTIONS, "no"},
diff --git a/inc/rfc3161.h b/inc/rfc3161.h
index cf72f68..6d00849 100644
--- a/inc/rfc3161.h
+++ b/inc/rfc3161.h
@@ -38,5 +38,6 @@ static int save_ts_serial(const char *serialfile, ASN1_INTEGER *serial);
 TS_RESP_CTX *create_tsctx(rfc3161_context *ct, CONF *conf, const char *section,
                           const char *policy);
 int add_oid_section(rfc3161_context *ct, CONF *conf);
+ts_resp_ctx_wrapper *get_ctxw(rfc3161_context *ct);
 void init_ssl();
 void free_ssl();
diff --git a/inc/utils.h b/inc/utils.h
index d6ab201..5613438 100644
--- a/inc/utils.h
+++ b/inc/utils.h
@@ -8,6 +8,6 @@ void log_hex(rfc3161_context *ct, int priority, char *id,
              unsigned char *content, int content_length);
 int set_params(rfc3161_context *ct, char *conf_file, char *conf_wd);
 static char *rand_string(char *str, size_t size);
-void free_uts_context(rfc3161_context *context);
+void free_uts_context(rfc3161_context *ct);
 int g_uts_sig_up;
 int g_uts_sig;
diff --git a/src/lib/http.c b/src/lib/http.c
index fcd935f..0cc9705 100644
--- a/src/lib/http.c
+++ b/src/lib/http.c
@@ -139,9 +139,17 @@ int rfc3161_handler(struct mg_connection *conn, void *context) {
 
         log_hex(ct, LOG_DEBUG, "query hexdump content", (unsigned char *)query,
                 request_info->content_length);
+        ts_resp_ctx_wrapper *ctx_w = get_ctxw(ct);
+        if (ctx_w == NULL) {
+            resp_code = 500;
+            uts_logger(context, LOG_WARNING,
+                       "Unable to get an OpenSSL ts_context in the pool");
 
-        resp_code = create_response(ct, query, query_len, ct->ts_ctx,
-                                    &content_length, &content, &serial_id);
+        } else {
+            resp_code = create_response(ct, query, query_len, ctx_w->ts_ctx,
+                                        &content_length, &content, &serial_id);
+            ctx_w->available = 1;
+        }
         switch (resp_code) {
         case 200:
             mg_printf(conn,
diff --git a/src/lib/rfc3161.c b/src/lib/rfc3161.c
index 2aaedc9..b4635aa 100644
--- a/src/lib/rfc3161.c
+++ b/src/lib/rfc3161.c
@@ -84,6 +84,22 @@ void free_ssl() {
     OBJ_cleanup();
 }
 
+// recover a ts wrapper
+ts_resp_ctx_wrapper *get_ctxw(rfc3161_context *ct) {
+    ts_resp_ctx_wrapper *ret = NULL;
+    for (int i = 0; i < ct->numthreads; i++) {
+        pthread_mutex_lock(&ct->ts_ctx_pool[i].lock);
+        if (ct->ts_ctx_pool[i].available) {
+            ct->ts_ctx_pool[i].available = 0;
+            ret = &(ct->ts_ctx_pool[i]);
+            pthread_mutex_unlock(&ct->ts_ctx_pool[i].lock);
+            return ret;
+        }
+        pthread_mutex_unlock(&ct->ts_ctx_pool[i].lock);
+    }
+    return ret;
+}
+
 TS_RESP_CTX *create_tsctx(rfc3161_context *ct, CONF *conf, const char *section,
                           const char *policy) {
     unsigned long err_code;
diff --git a/src/lib/utils.c b/src/lib/utils.c
index 430373a..e1a56f6 100644
--- a/src/lib/utils.c
+++ b/src/lib/utils.c
@@ -264,6 +264,7 @@ int set_params(rfc3161_context *ct, char *conf_file, char *conf_wd) {
     chdir(conf_wd);
     int ret = 1;
     int http_counter = 0;
+    int numthreads = 42;
 
     NCONF_free(ct->conf);
     ct->conf = load_config_file(ct, conf_file);
@@ -317,6 +318,8 @@ int set_params(rfc3161_context *ct, char *conf_file, char *conf_wd) {
                 ct->http_options[http_counter] = value;
                 http_counter++;
             }
+            if (strcmp(name, "num_threads") == 0)
+                numthreads = atoi(value);
             break;
             ;
         case TSA_OPTIONS:
@@ -328,9 +331,14 @@ int set_params(rfc3161_context *ct, char *conf_file, char *conf_wd) {
 
     if (!add_oid_section(ct, ct->conf))
         ret = 0;
-    ct->ts_ctx = create_tsctx(ct, ct->conf, NULL, NULL);
-    if (ct->ts_ctx == NULL)
-        ret = 0;
+    ct->ts_ctx_pool = calloc(numthreads, sizeof(ts_resp_ctx_wrapper));
+    ct->numthreads = numthreads;
+    for (int i = 0; i < numthreads; i++) {
+        ct->ts_ctx_pool[i].ts_ctx = create_tsctx(ct, ct->conf, NULL, NULL);
+        ct->ts_ctx_pool[i].available = 1;
+        if (ct->ts_ctx_pool[i].ts_ctx == NULL)
+            ret = 0;
+    }
     chdir("/");
     return ret;
 
@@ -339,8 +347,11 @@ end:
     return 0;
 }
 
-void free_uts_context(rfc3161_context *context) {
-    TS_RESP_CTX_free(context->ts_ctx);
-    NCONF_free(context->conf);
-    free(context);
+void free_uts_context(rfc3161_context *ct) {
+    for (int i = 0; i < ct->numthreads; i++) {
+        TS_RESP_CTX_free(ct->ts_ctx_pool[i].ts_ctx);
+    }
+    free(ct->ts_ctx_pool);
+    NCONF_free(ct->conf);
+    free(ct);
 }