diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2275d41dd..146a45533 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -17,6 +17,8 @@ Certbot adheres to [Semantic Versioning](https://semver.org/).
 ### Fixed
 * Fixed OS detection in the Apache plugin on Scientific Linux.
+* Stop disabling TLS session tickets in Nginx as it caused TLS failures on
+  some systems.
 More details about these changes can be found on our GitHub repo.
diff --git a/certbot-nginx/certbot_nginx/constants.py b/certbot-nginx/certbot_nginx/constants.py
index c90b6b52f..2b22729a8 100644
--- a/certbot-nginx/certbot_nginx/constants.py
+++ b/certbot-nginx/certbot_nginx/constants.py
@@ -24,6 +24,7 @@ UPDATED_MOD_SSL_CONF_DIGEST = ".updated-options-ssl-nginx-conf-digest.txt"
 SSL_OPTIONS_HASHES_NEW = [
     '108c4555058a087496a3893aea5d9e1cee0f20a3085d44a52dc1a66522299ac3',
+    'd5e021706ecdccc7090111b0ae9a29ef61523e927f020e410caf0a1fd7063981',
 ]
 """SHA256 hashes of the contents of versions of MOD_SSL_CONF_SRC for nginx >= 1.13.0"""
@@ -31,6 +32,7 @@ SSL_OPTIONS_HASHES_MEDIUM = [
     '63e2bddebb174a05c9d8a7cf2adf72f7af04349ba59a1a925fe447f73b2f1abf',
     '2901debc7ecbc10917edd9084c05464c9c5930b463677571eaf8c94bffd11ae2',
     '30baca73ed9a5b0e9a69ea40e30482241d8b1a7343aa79b49dc5d7db0bf53b6c',
+    '02329eb19930af73c54b3632b3165d84571383b8c8c73361df940cb3894dd426',
 ]
 """SHA256 hashes of the contents of versions of MOD_SSL_CONF_SRC for nginx >= 1.5.9 and nginx < 1.13.0"""
diff --git a/certbot-nginx/certbot_nginx/tls_configs/options-ssl-nginx-tls12-only.conf b/certbot-nginx/certbot_nginx/tls_configs/options-ssl-nginx-tls12-only.conf
index 1933cbc4f..a678b0507 100644
--- a/certbot-nginx/certbot_nginx/tls_configs/options-ssl-nginx-tls12-only.conf
+++ b/certbot-nginx/certbot_nginx/tls_configs/options-ssl-nginx-tls12-only.conf
@@ -6,7 +6,6 @@
 ssl_session_cache shared:le_nginx_SSL:10m;
 ssl_session_timeout 1440m;
-ssl_session_tickets off;
 ssl_protocols TLSv1.2;
 ssl_prefer_server_ciphers off;
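Review bot: The two digests appended to SSL_OPTIONS_HASHES_NEW and SSL_OPTIONS_HASHES_MEDIUM carry no indication of which shipped conf revision each one fingerprints, and nothing in the hunk lets a reader check that they were computed from the files as committed; I assume a test recomputes the current file's digest and asserts membership, but the list itself is the only long-term record. A trailing comment on each new entry, e.g. `# options-ssl-nginx.conf with ssl_session_tickets re-enabled`, would keep the mapping recoverable without re-hashing old git revisions. Keep in mind that any later edit to either conf, including an explanatory comment, changes its digest and needs another entry here, while the existing entries must remain so users still on the previous shipped file are recognized for the automatic update.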
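Review bot: Removing `ssl_session_tickets off;` re-enables ticket-based resumption using nginx's built-in ticket key, and the file now says nothing about the trade-off the operator is accepting. With TLS 1.2 the ticket carries the session's master secret encrypted under that key, so compromise of the ticket key exposes every session resumed while it was in use, which undercuts the forward secrecy the cipher selection in this file is otherwise aiming for. I would add a comment above `ssl_session_timeout 1440m;` stating that tickets are intentionally enabled (the earlier `off` broke TLS on some systems per the changelog), that this timeout also bounds ticket lifetime as far as I can tell, and that operators needing controlled rotation should configure `ssl_session_ticket_keys` themselves. Whether nginx regenerates its default key on reload or only on restart is something I could not confirm from here, so the comment should be worded accordingly.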
diff --git a/certbot-nginx/certbot_nginx/tls_configs/options-ssl-nginx.conf b/certbot-nginx/certbot_nginx/tls_configs/options-ssl-nginx.conf
index 978e6e8ab..52fdfde24 100644
--- a/certbot-nginx/certbot_nginx/tls_configs/options-ssl-nginx.conf
+++ b/certbot-nginx/certbot_nginx/tls_configs/options-ssl-nginx.conf
@@ -6,7 +6,6 @@
 ssl_session_cache shared:le_nginx_SSL:10m;
 ssl_session_timeout 1440m;
-ssl_session_tickets off;
 ssl_protocols TLSv1.2 TLSv1.3;
 ssl_prefer_server_ciphers off;
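Review bot: With `ssl_session_tickets off;` gone and `ssl_protocols TLSv1.2 TLSv1.3;` on the next line, resumption now goes through tickets for both protocol versions, but the file carries no comment on the cost: the default ticket key is generated by nginx rather than rotated by the operator, so a compromise of that key exposes sessions resumed under it for as long as it stays in use. Under TLS 1.3 the exposure is typically narrower than under 1.2 because resumed handshakes usually still perform a fresh (EC)DHE, but the ticket still wraps the resumption secret, and for TLS 1.2 clients it wraps the master secret outright. Suggest a comment above `ssl_session_timeout 1440m;` recording that tickets are deliberately left enabled (the changelog says disabling them caused TLS failures on some systems) and that anyone needing key rotation should set `ssl_session_ticket_keys`. I could not confirm from the hunk whether nginx rotates the default key on reload, so that part should be checked before the comment asserts it.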