diff --git a/templates/etc/openldap/slapd.conf.j2 b/templates/etc/openldap/slapd.conf.j2
index fe39ca6..ecb00ef 100644
--- a/templates/etc/openldap/slapd.conf.j2
+++ b/templates/etc/openldap/slapd.conf.j2
@@ -31,8 +31,9 @@ argsfile /var/run/openldap/slapd.args
 TLSCertificateFile {{ ldap_proxy_tls_cert_path }}
 TLSCertificateKeyFile {{ ldap_proxy_tls_key_path }}
 TLSCACertificateFile {{ ldap_proxy_tls_ca_path }}
-TLSCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4
-TLSProtocolMin 3.1
+TLSCipherSuite HIGH:MEDIUM:-SSLv2:-SSLv3:!SHA1:!SHA256:!SHA384
+TLSProtocolMin 3.3
+TLSECName secp521r1
 
 ### Database definition (Proxy to AD) #########################################
 database ldap
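Review bot: The new `TLSCipherSuite` line drops the `!aNULL:!MD5:!RC4` exclusions that the old line carried, and the added `!SHA1:!SHA256:!SHA384` terms do not replace them. In OpenSSL cipher-string syntax those terms match on the MAC, so `HIGH:MEDIUM` may still match unauthenticated (anonymous DH) AEAD suites and, on older libraries, `RC4-MD5`. `-SSLv2:-SSLv3` removes suites by the protocol version that defined them rather than disabling a protocol, so the version floor comes from `TLSProtocolMin 3.3` alone. I would keep the exclusions, e.g. `TLSCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4:-SSLv2:-SSLv3:!SHA1:!SHA256:!SHA384`, and confirm the expanded list with `openssl ciphers -v` on a target host (this assumes slapd is linked against OpenSSL). `TLSECName secp521r1` pins a single curve, so it is worth checking that every LDAP client of this proxy supports P-521.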