diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix
index 922df1ea03abfe..113630f4941d8a 100644
--- a/nixos/modules/services/web-servers/nginx/default.nix
+++ b/nixos/modules/services/web-servers/nginx/default.nix
@@ -188,8 +188,6 @@ let
 
         ssl_session_timeout 1d;
         ssl_session_cache shared:SSL:10m;
-        # Breaks forward secrecy: https://github.com/mozilla/server-side-tls/issues/135
-        ssl_session_tickets off;
         # We don't enable insecure ciphers by default, so this allows
         # clients to pick the most performant, per https://github.com/mozilla/server-side-tls/issues/260
         ssl_prefer_server_ciphers off;