diff --git a/wfe2/wfe.go b/wfe2/wfe.go
index 4e394bff5b4..33d4ac6a598 100644
--- a/wfe2/wfe.go
+++ b/wfe2/wfe.go
@@ -285,11 +285,6 @@ func (wfe *WebFrontEndImpl) HandleFunc(mux *http.ServeMux, pattern string, h web
 			if request.URL != nil {
 				logEvent.Slug = request.URL.Path
 			}
-			tls := request.Header.Get("TLS-Version")
-			if tls == "TLSv1" || tls == "TLSv1.1" {
-				wfe.sendError(response, logEvent, probs.Malformed("upgrade your ACME client to support TLSv1.2 or better"), nil)
-				return
-			}
 			if request.Method != "GET" || pattern == newNoncePath {
 				nonceMsg, err := wfe.gnc.Nonce(ctx, &emptypb.Empty{})
 				if err != nil {
diff --git a/wfe2/wfe_test.go b/wfe2/wfe_test.go
index 7f2afaa5aa6..25e703b46ab 100644
--- a/wfe2/wfe_test.go
+++ b/wfe2/wfe_test.go
@@ -3787,21 +3787,6 @@ func TestIncidentARI(t *testing.T) {
 	test.AssertEquals(t, ri.SuggestedWindow.End.Before(wfe.clk.Now()), true)
 }
 
-func TestOldTLSInbound(t *testing.T) {
-	wfe, _, _ := setupWFE(t)
-	req := &http.Request{
-		URL:    &url.URL{Path: "/directory"},
-		Method: "GET",
-		Header: http.Header(map[string][]string{
-			http.CanonicalHeaderKey("TLS-Version"): {"TLSv1"},
-		}),
-	}
-
-	responseWriter := httptest.NewRecorder()
-	wfe.Handler(metrics.NoopRegisterer).ServeHTTP(responseWriter, req)
-	test.AssertEquals(t, responseWriter.Code, http.StatusBadRequest)
-}
-
 func Test_sendError(t *testing.T) {
 	features.Reset()
 	wfe, _, _ := setupWFE(t)