diff --git a/README.md b/README.md
index 3d5d1d2..b7d8d82 100644
--- a/README.md
+++ b/README.md
@@ -49,7 +49,7 @@ Flags:
 --tls turn on TLS support
 --tls-cert string TLS certificate path
 --tls-key string TLS key path
- --tls-min-ver string TLS min version (default: 1.2) (default "1.2")
+ --tls-min-ver string TLS min version (default: 1.2)
 -v, --version version for rest-server
 ```
diff --git a/cmd/rest-server/main.go b/cmd/rest-server/main.go
index 05283e5..1ba9984 100644
--- a/cmd/rest-server/main.go
+++ b/cmd/rest-server/main.go
@@ -181,7 +181,6 @@ func (app *restServerApp) runRoot(_ *cobra.Command, _ []string) error {
 tlscfg := &tls.Config{
 MinVersion: tls.VersionTLS12,
- CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
 CipherSuites: []uint16{
 tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
 tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
@@ -192,18 +191,12 @@ func (app *restServerApp) runRoot(_ *cobra.Command, _ []string) error {
 },
 }
 switch app.Server.TLSMinVer {
- case "1.0":
- // Only available with GODEBUG="tls10server=1"
- tlscfg.MinVersion = tls.VersionTLS10
- case "1.1":
- // Only available with GODEBUG="tls10server=1"
- tlscfg.MinVersion = tls.VersionTLS11
 case "1.2":
 tlscfg.MinVersion = tls.VersionTLS12
 case "1.3":
 tlscfg.MinVersion = tls.VersionTLS13
 default:
- tlscfg.MinVersion = tls.VersionTLS12
+ return fmt.Errorf("Unsupported TLS min version: %s", app.Server.TLSMinVer)
 }
 srv := &http.Server{
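Review bot: The new `default:` branch in the last hunk of cmd/rest-server/main.go rejects every value other than "1.2" and "1.3", including an empty `app.Server.TLSMinVer`, which the old code silently mapped to TLS 1.2. Failing closed is the right behaviour for a protocol-floor setting, but the hunk does not show whether the field is always populated from the flag default or whether this switch is reached when TLS is disabled, so both are worth confirming before an empty value can stop the server from starting. The error text should also follow Go convention (lowercase, no leading capital), quote the rejected value and name the accepted ones, so an operator upgrading from `--tls-min-ver 1.0` or `1.1` sees exactly what to change: `return fmt.Errorf("unsupported TLS min version %q (supported: 1.2, 1.3)", app.Server.TLSMinVer)`. A one-line comment above the switch stating that TLS 1.0 and 1.1 are intentionally refused would keep a later change from re-adding them. runRoot begins and continues outside the hunk.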