diff --git a/internal/ingress/controller/nginx.go b/internal/ingress/controller/nginx.go
index b17177c06..90df5d8e3 100644
--- a/internal/ingress/controller/nginx.go
+++ b/internal/ingress/controller/nginx.go
@@ -18,6 +18,7 @@ package controller
 
 import (
 	"bytes"
+	"crypto/tls"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -114,6 +115,10 @@ func NewNGINXController(config *Configuration, mc metric.Collector) *NGINXContro
 			Addr:      config.ValidationWebhook,
 			Handler:   adm_controller.NewAdmissionControllerServer(&adm_controller.IngressAdmission{Checker: n}),
 			TLSConfig: ssl.NewTLSListener(n.cfg.ValidationWebhookCertPath, n.cfg.ValidationWebhookKeyPath).TLSConfig(),
+			// disable http/2
+			// https://github.com/kubernetes/kubernetes/issues/80313
+			// https://github.com/kubernetes/ingress-nginx/issues/6323#issuecomment-737239159
+			TLSNextProto: make(map[string]func(*http.Server, *tls.Conn, http.Handler)),
 		}
 	}