diff --git a/src/tls/openssl/tls.c b/src/tls/openssl/tls.c
index 221b3fbdf..5d3f7cf92 100644
--- a/src/tls/openssl/tls.c
+++ b/src/tls/openssl/tls.c
@@ -236,6 +236,7 @@ int tls_alloc(struct tls **tlsp, enum tls_method method, const char *keyfile,
 {
 	struct tls *tls;
 	int r, err;
+	int min_proto = 0;
 
 	if (!tlsp)
 		return EINVAL;
@@ -250,6 +251,7 @@ int tls_alloc(struct tls **tlsp, enum tls_method method, const char *keyfile,
 	case TLS_METHOD_TLS:
 	case TLS_METHOD_SSLV23:
 		tls->ctx = SSL_CTX_new(TLS_method());
+		min_proto = TLS1_2_VERSION;
 		break;
 
 	case TLS_METHOD_DTLS:
@@ -270,9 +272,11 @@ int tls_alloc(struct tls **tlsp, enum tls_method method, const char *keyfile,
 		goto out;
 	}
 
-	err = tls_set_min_proto_version(tls, TLS1_2_VERSION);
-	if (err) {
-		goto out;
+	if (min_proto) {
+		err = tls_set_min_proto_version(tls, min_proto);
+		if (err) {
+			goto out;
+		}
 	}
 
 #if defined(TRACE_SSL)