diff --git a/README.md b/README.md
index d09340a..12f6b18 100644
--- a/README.md
+++ b/README.md
@@ -49,7 +49,7 @@ Flags:
 --tls turn on TLS support
 --tls-cert string TLS certificate path
 --tls-key string TLS key path
- --tls-min-ver string TLS min version (default: 1.2) (default "1.2")
+ --tls-min-ver string TLS min version (default: 1.2)
 -v, --version version for rest-server
 ```
 
diff --git a/cmd/rest-server/main.go b/cmd/rest-server/main.go
index df927ed..d1d2216 100644
--- a/cmd/rest-server/main.go
+++ b/cmd/rest-server/main.go
@@ -167,7 +167,6 @@ func (app *restServerApp) runRoot(cmd *cobra.Command, args []string) error {
 
 tlscfg := &tls.Config{
 MinVersion: tls.VersionTLS12,
- CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
 CipherSuites: []uint16{
 tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
 tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
@@ -178,18 +177,12 @@ func (app *restServerApp) runRoot(cmd *cobra.Command, args []string) error {
 },
 }
 switch app.Server.TLSMinVer {
- case "1.0":
- // Only available with GODEBUG="tls10server=1"
- tlscfg.MinVersion = tls.VersionTLS10
- case "1.1":
- // Only available with GODEBUG="tls10server=1"
- tlscfg.MinVersion = tls.VersionTLS11
 case "1.2":
 tlscfg.MinVersion = tls.VersionTLS12
 case "1.3":
 tlscfg.MinVersion = tls.VersionTLS13
 default:
- tlscfg.MinVersion = tls.VersionTLS12
+ return fmt.Errorf("Unsupported TLS min version: %s", app.Server.TLSMinVer)
 }
 
 srv := &http.Server{
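Review bot: The new `default:` branch of the `TLSMinVer` switch rejects every value other than "1.2" and "1.3", including an empty string, so startup now depends on the flag or config default still being "1.2". The flag definition is outside this diff, and the README hunk drops the `(default "1.2")` suffix that the help output normally prints for a non-empty default, so it is worth confirming the default was not cleared. Failing closed on an unknown value is the right behaviour, but the message should follow Go error-string convention, quote the input and name the accepted values: `return fmt.Errorf("unsupported TLS min version %q, expected 1.2 or 1.3", app.Server.TLSMinVer)`. runRoot starts and ends outside the hunk, so whether this switch also runs when `--tls` is off is not visible here.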