diff --git a/tests/test_traefik.py b/tests/test_traefik.py
index 4ef9065..e15be9c 100644
--- a/tests/test_traefik.py
+++ b/tests/test_traefik.py
@@ -69,7 +69,7 @@ def test_letsencrypt_config(tljh_dir):
 
     assert cfg["entryPoints"] == {
         "http": {"address": ":80", "redirect": {"entryPoint": "https"}},
-        "https": {"address": ":443", "tls": {}},
+        "https": {"address": ":443", "tls": {"minVersion": "VersionTLS12"}},
         "auth_api": {
             "address": "127.0.0.1:8099",
             "auth": {
@@ -110,6 +110,7 @@ def test_manual_ssl_config(tljh_dir):
         "https": {
             "address": ":443",
             "tls": {
+                "minVersion": "VersionTLS12",
                 "certificates": [
                     {"certFile": "/path/to/ssl.cert", "keyFile": "/path/to/ssl.key"}
                 ]
diff --git a/tljh/traefik.toml.tpl b/tljh/traefik.toml.tpl
index 2b88b77..1b6de8f 100644
--- a/tljh/traefik.toml.tpl
+++ b/tljh/traefik.toml.tpl
@@ -34,6 +34,7 @@ idleTimeout = "10m0s"
   [entryPoints.https]
   address = ":{{https['port']}}"
   [entryPoints.https.tls]
+  minVersion = "VersionTLS12"
   {% if https['tls']['cert'] %}
     [[entryPoints.https.tls.certificates]]
       certFile = "{{https['tls']['cert']}}"