diff --git a/boring-nginx/rootfs/etc/nginx/conf/ssl_params b/boring-nginx/rootfs/etc/nginx/conf/ssl_params
index 2f7c590..7647358 100644
--- a/boring-nginx/rootfs/etc/nginx/conf/ssl_params
+++ b/boring-nginx/rootfs/etc/nginx/conf/ssl_params
@@ -1,6 +1,6 @@
-ssl_protocols TLSv1.2;
+ssl_protocols TLSv1.3 TLSv1.2;
 ssl_ecdh_curve X25519:P-521:P-384;
-ssl_ciphers [ECDHE-ECDSA-CHACHA20-POLY1305|ECDHE-RSA-CHACHA20-POLY1305|ECDHE-ECDSA-AES256-GCM-SHA384|ECDHE-RSA-AES256-GCM-SHA384]:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
+ssl_ciphers [EECDH+CHACHA20|EECDH+AESGCM];
 ssl_prefer_server_ciphers on;
 
 ssl_session_cache shared:SSL:20m;