diff --git a/CHANGES.rst b/CHANGES.rst
index fb718d3..6a254dd 100644
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -6,7 +6,8 @@ Release <TBD>
 
 Important notes:
 
-* ...
+* WE_HAVE_SSL configuration setting name was changed to WE_HAVE_TLS.
+  Please update your configuration, if you use it.
 
 New Features:
 
diff --git a/docs/security.rst b/docs/security.rst
index 16ce29b..8a44b83 100644
--- a/docs/security.rst
+++ b/docs/security.rst
@@ -10,7 +10,7 @@ Use https for the web interface as well as for the update client (if possible).
 Otherwise, your username / password (FQDN / update secret) will be transmitted
 in clear text (unencrypted).
 
-The web interface will warn you if you use it via http. If WE_HAVE_SSL is
+The web interface will warn you if you use it via http. If WE_HAVE_TLS is
 set to True, it will suggest you better use the https site and link there.
 
 Additionally, the service administrator can implement a redirect from the
@@ -134,7 +134,7 @@ The software ("as is") uses these cookies:
 * "sessionid" (host-only, to keep the session when you have logged-in to the
   web interface)
 
-If you have set WE_HAVE_SSL to True (because you run the software on a https
+If you have set WE_HAVE_TLS to True (because you run the software on a https
 site), you should also set *_COOKIE_SECURE to True to avoid the cookies getting
 transmitted via http.
 
diff --git a/nsupdate/context_processors.py b/nsupdate/context_processors.py
index 6fb8f3b..33f0efa 100644
--- a/nsupdate/context_processors.py
+++ b/nsupdate/context_processors.py
@@ -22,7 +22,7 @@ def add_settings(request):
     context['WWW_IPV4_HOST'] = settings.WWW_IPV4_HOST
     context['WWW_IPV6_HOST'] = settings.WWW_IPV6_HOST
     context['SERVICE_CONTACT'] = settings.SERVICE_CONTACT  # about view
-    context['WE_HAVE_SSL'] = settings.WE_HAVE_SSL
+    context['WE_HAVE_TLS'] = settings.WE_HAVE_TLS
     context['COOKIE_SECURE'] = settings.SESSION_COOKIE_SECURE or settings.CSRF_COOKIE_SECURE
     return context
 
diff --git a/nsupdate/main/templates/main/includes/tabbed_router_configuration.html b/nsupdate/main/templates/main/includes/tabbed_router_configuration.html
index 0229390..8787f04 100644
--- a/nsupdate/main/templates/main/includes/tabbed_router_configuration.html
+++ b/nsupdate/main/templates/main/includes/tabbed_router_configuration.html
@@ -26,7 +26,7 @@
             PC software) <em>and</em> the specific nsupdate.info-based service, https might be not supported.
             So, if it does not work, you have the choice of using a different update client and/or a different service,
             or transmitting your data using an unencrypted connection (using http: instead of https:).<br>
-            <b>On {{ WWW_HOST }} https is {% if not WE_HAVE_SSL %}not {% endif %}supported.</b>
+            <b>On {{ WWW_HOST }} https is {% if not WE_HAVE_TLS %}not {% endif %}supported.</b>
         </p>
         <hr>
         <p>
diff --git a/nsupdate/settings/dev.py b/nsupdate/settings/dev.py
index e4c9cd3..c444284 100644
--- a/nsupdate/settings/dev.py
+++ b/nsupdate/settings/dev.py
@@ -7,9 +7,9 @@ from .base import *
 DEBUG = True
 TEMPLATE_DEBUG = DEBUG
 
-WE_HAVE_SSL = False  # True if you run a https site also, suggest that site to users if they work on the http site.
-CSRF_COOKIE_SECURE = WE_HAVE_SSL
-SESSION_COOKIE_SECURE = WE_HAVE_SSL
+WE_HAVE_TLS = False  # True if you run a https site also, suggest that site to users if they work on the http site.
+CSRF_COOKIE_SECURE = WE_HAVE_TLS
+SESSION_COOKIE_SECURE = WE_HAVE_TLS
 
 BASEDOMAIN = 'nsupdate.info'
 WWW_HOST = 'localhost:8000'
diff --git a/nsupdate/settings/prod.py b/nsupdate/settings/prod.py
index fe91f15..4f421e2 100644
--- a/nsupdate/settings/prod.py
+++ b/nsupdate/settings/prod.py
@@ -7,9 +7,9 @@ from .base import *
 DEBUG = False
 TEMPLATE_DEBUG = DEBUG
 
-WE_HAVE_SSL = True  # True if you run a https site also, suggest that site to users if they work on the http site.
-CSRF_COOKIE_SECURE = WE_HAVE_SSL
-SESSION_COOKIE_SECURE = WE_HAVE_SSL
+WE_HAVE_TLS = True  # True if you run a https site also, suggest that site to users if they work on the http site.
+CSRF_COOKIE_SECURE = WE_HAVE_TLS
+SESSION_COOKIE_SECURE = WE_HAVE_TLS
 
 # these are the service host names we deal with
 BASEDOMAIN = 'nsupdate.info'
diff --git a/nsupdate/templates/base.html b/nsupdate/templates/base.html
index f278d02..e647678 100644
--- a/nsupdate/templates/base.html
+++ b/nsupdate/templates/base.html
@@ -88,7 +88,7 @@
                             <div class="alert alert-danger">
                                 <button type="button" class="close" data-dismiss="alert">&times;</button>
                                 Your (http) connection is unencrypted and thus insecure.
-                                {% if WE_HAVE_SSL %}
+                                {% if WE_HAVE_TLS %}
                                     Please use our <a href="https://{{ WWW_HOST }}/">secure https site</a>.
                                 {% endif %}
                                 {% if COOKIE_SECURE %}