diff --git a/doc/api/tls.md b/doc/api/tls.md
index 26d7e157aa894d..a19a78dc9a0c2e 100644
--- a/doc/api/tls.md
+++ b/doc/api/tls.md
@@ -558,12 +558,12 @@ Always returns `true`. This may be used to distinguish TLS sockets from regular
 added: v0.11.4
 -->
 
-Returns an object representing the cipher name and the SSL/TLS protocol version
-that first defined the cipher.
+Returns an object representing the cipher name. The `version` key is a legacy
+field which always contains the value `'TLSv1/SSLv3'`.
 
 For example: `{ name: 'AES256-SHA', version: 'TLSv1/SSLv3' }`
 
-See `SSL_CIPHER_get_name()` and `SSL_CIPHER_get_version()` in
+See `SSL_CIPHER_get_name()` in
 https://www.openssl.org/docs/man1.0.2/ssl/SSL_CIPHER_get_name.html for more
 information.
 
diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index 8a86c6613a2d08..f1a24ba5458a1f 100644
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -2265,9 +2265,8 @@ void SSLWrap<Base>::GetCurrentCipher(const FunctionCallbackInfo<Value>& args) {
   Local<Object> info = Object::New(env->isolate());
   const char* cipher_name = SSL_CIPHER_get_name(c);
   info->Set(env->name_string(), OneByteString(args.GetIsolate(), cipher_name));
-  const char* cipher_version = SSL_CIPHER_get_version(c);
   info->Set(env->version_string(),
-            OneByteString(args.GetIsolate(), cipher_version));
+            OneByteString(args.GetIsolate(), "TLSv1/SSLv3"));
   args.GetReturnValue().Set(info);
 }