diff --git a/tls.go b/tls.go
index d8ce2e76fb65a412c0c233556343b58fdd540168..248320f99c23f7ce64100d99c87373985dd8101d 100644
--- a/tls.go
+++ b/tls.go
@@ -7,6 +7,11 @@ import (
 	"log"
 )
 
+var cipherSuites = []uint16{
+	tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+	tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+}
+
 // Load a CA from file (PEM encoded).
 func loadCA(caFile string) *x509.CertPool {
 	data, err := ioutil.ReadFile(caFile)
@@ -26,27 +31,20 @@ func loadCA(caFile string) *x509.CertPool {
 // endpoints and don't have to worry about wide compatibility.
 func TLSClientAuthConfig(caFile string) *tls.Config {
 	return &tls.Config{
-		ClientCAs:  loadCA(caFile),
-		ClientAuth: tls.RequireAndVerifyClientCert,
-		CipherSuites: []uint16{
-			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-		},
-		PreferServerCipherSuites: true,
+		ClientCAs:                loadCA(caFile),
+		ClientAuth:               tls.RequireAndVerifyClientCert,
 		MinVersion:               tls.VersionTLS12,
+		CipherSuites:             cipherSuites,
+		PreferServerCipherSuites: true,
 	}
 }
 
 // Same as TLSClientAuthConfig, but load client certificates too.
 func TLSClientAuthConfigWithCerts(caFile, certFile, keyFile string) *tls.Config {
 	config := &tls.Config{
-		RootCAs: loadCA(caFile),
-		ServerName: "desktop.m.investici.org",
-		MinVersion: tls.VersionTLS12,
-		CipherSuites: []uint16{
-			tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-			tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-		},
+		RootCAs:      loadCA(caFile),
+		MinVersion:   tls.VersionTLS12,
+		CipherSuites: cipherSuites,
 	}
 
 	var err error