diff --git a/src/server.c b/src/server.c
index 4c745d655..f90cfff5a 100644
--- a/src/server.c
+++ b/src/server.c
@@ -1643,6 +1643,15 @@ static void srv_ssl_settings_cpy(struct server *srv, struct server *src)
 srv->ssl_ctx.verify_host = strdup(src->ssl_ctx.verify_host);
 if (src->ssl_ctx.ciphers != NULL)
 srv->ssl_ctx.ciphers = strdup(src->ssl_ctx.ciphers);
+ if (src->ssl_ctx.options)
+ srv->ssl_ctx.options = src->ssl_ctx.options;
+ if (src->ssl_ctx.methods.flags)
+ srv->ssl_ctx.methods.flags = src->ssl_ctx.methods.flags;
+ if (src->ssl_ctx.methods.min)
+ srv->ssl_ctx.methods.min = src->ssl_ctx.methods.min;
+ if (src->ssl_ctx.methods.max)
+ srv->ssl_ctx.methods.max = src->ssl_ctx.methods.max;
+
 #if (HA_OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined OPENSSL_IS_BORINGSSL)
 if (src->ssl_ctx.ciphersuites != NULL)
 srv->ssl_ctx.ciphersuites = strdup(src->ssl_ctx.ciphersuites);
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index cbb7e2fa2..437478819 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -10051,6 +10051,16 @@ static int srv_parse_ssl(char **args, int *cur_arg, struct proxy *px, struct ser
 if (global_ssl.connect_default_ciphersuites && !newsrv->ssl_ctx.ciphersuites)
 newsrv->ssl_ctx.ciphersuites = strdup(global_ssl.connect_default_ciphersuites);
 #endif
+ newsrv->ssl_ctx.options |= global_ssl.connect_default_ssloptions;
+ newsrv->ssl_ctx.methods.flags |= global_ssl.connect_default_sslmethods.flags;
+
+ if (!newsrv->ssl_ctx.methods.min)
+ newsrv->ssl_ctx.methods.min = global_ssl.connect_default_sslmethods.min;
+
+ if (!newsrv->ssl_ctx.methods.max)
+ newsrv->ssl_ctx.methods.max = global_ssl.connect_default_sslmethods.max;
+
+
 return 0;
 }
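Review bot: The new copies of `ssl_ctx.options` and `ssl_ctx.methods.flags` in srv_ssl_settings_cpy use `=` behind an `if (src->…)` guard, and that guard only matters if `srv` can already hold a value, in which case the assignment would discard bits already set on `srv`. For these two bitmask fields the discarded bits may be protocol or option restrictions. Whether `srv` is always freshly initialised when this function runs is not visible here, as the function body starts and ends outside the hunk. If it is, the guards can be dropped and a comment such as `/* srv is zero-initialised here: plain copy of the default-server TLS restrictions */` would make that explicit. If it is not, `srv->ssl_ctx.options |= src->ssl_ctx.options;` and `srv->ssl_ctx.methods.flags |= src->ssl_ctx.methods.flags;` keep both sets of restrictions.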
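Review bot: The merged bounds are never compared in the lines added to srv_parse_ssl, so a server that sets only `methods.max` can inherit a higher `methods.min` from `global_ssl.connect_default_sslmethods`, which would leave an empty version range if these values are ordered. Whether a later step rejects or normalises that range is not visible here, because the function starts outside the hunk. Either add a guard such as `if (newsrv->ssl_ctx.methods.min && newsrv->ssl_ctx.methods.max && newsrv->ssl_ctx.methods.min > newsrv->ssl_ctx.methods.max)` that reports a configuration error, or add a comment naming where the range is validated. It would also help to document the precedence the `|=` merges create, for example `/* global defaults only add option/flag bits; per-server min/max win when set */`.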