diff --git a/Cargo.lock b/Cargo.lock
index 536a1c875e..0d73adc05c 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1358,7 +1358,6 @@ dependencies = [
  "ratelimit",
  "regex",
  "rusqlite",
- "rustls-pki-types",
  "sanitize-filename",
  "sdp",
  "serde",
diff --git a/Cargo.toml b/Cargo.toml
index ed623fc51e..2b1f8b1590 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -86,7 +86,6 @@ rand-old = { package = "rand", version = "0.8" }
 rand = { workspace = true }
 regex = { workspace = true }
 rusqlite = { workspace = true, features = ["sqlcipher"] }
-rustls-pki-types = "1.12.0"
 sanitize-filename = { workspace = true }
 sdp = "0.10.0"
 serde_json = { workspace = true }
diff --git a/src/net/tls.rs b/src/net/tls.rs
index d339f3b2ba..0745b32608 100644
--- a/src/net/tls.rs
+++ b/src/net/tls.rs
@@ -7,6 +7,7 @@ use anyhow::Result;
 
 use crate::net::session::SessionStream;
 
+use tokio_rustls::rustls;
 use tokio_rustls::rustls::client::ClientSessionStore;
 
 pub async fn wrap_tls<'a>(
@@ -82,7 +83,7 @@ impl TlsSessionStore {
                 .lock()
                 .entry((port, alpn.to_string()))
                 .or_insert_with(|| {
-                    Arc::new(tokio_rustls::rustls::client::ClientSessionMemoryCache::new(
+                    Arc::new(rustls::client::ClientSessionMemoryCache::new(
                         TLS_CACHE_SIZE,
                     ))
                 }),
@@ -98,10 +99,10 @@ pub async fn wrap_rustls<'a>(
     stream: impl SessionStream + 'a,
     tls_session_store: &TlsSessionStore,
 ) -> Result<impl SessionStream + 'a> {
-    let mut root_cert_store = tokio_rustls::rustls::RootCertStore::empty();
+    let mut root_cert_store = rustls::RootCertStore::empty();
     root_cert_store.extend(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());
 
-    let mut config = tokio_rustls::rustls::ClientConfig::builder()
+    let mut config = rustls::ClientConfig::builder()
         .with_root_certificates(root_cert_store)
         .with_no_client_auth();
     config.alpn_protocols = if alpn.is_empty() {
@@ -118,13 +119,13 @@ pub async fn wrap_rustls<'a>(
     // and are not worth increasing
     // attack surface: <https://words.filippo.io/we-need-to-talk-about-session-tickets/>.
     let resumption_store = tls_session_store.get(port, alpn);
-    let resumption = tokio_rustls::rustls::client::Resumption::store(resumption_store)
-        .tls12_resumption(tokio_rustls::rustls::client::Tls12Resumption::Disabled);
+    let resumption = rustls::client::Resumption::store(resumption_store)
+        .tls12_resumption(rustls::client::Tls12Resumption::Disabled);
     config.resumption = resumption;
     config.enable_sni = use_sni;
 
     let tls = tokio_rustls::TlsConnector::from(Arc::new(config));
-    let name = rustls_pki_types::ServerName::try_from(hostname)?.to_owned();
+    let name = tokio_rustls::rustls::pki_types::ServerName::try_from(hostname)?.to_owned();
     let tls_stream = tls.connect(name, stream).await?;
     Ok(tls_stream)
 }