diff --git a/Data/Conduit/Network/TLS.hs b/Data/Conduit/Network/TLS.hs
--- a/Data/Conduit/Network/TLS.hs
+++ b/Data/Conduit/Network/TLS.hs
@@ -31,31 +31,23 @@
     ) where
 
 import Prelude hiding (FilePath, readFile)
-import Data.Aeson (FromJSON (parseJSON), (.:), (.:?), (.!=), Value (Object))
 import Control.Applicative ((<$>), (<*>))
-import Control.Monad (mzero, forever)
-import Data.String (fromString)
-import Filesystem.Path.CurrentOS ((</>), FilePath)
+import Control.Monad (forever)
+import Filesystem.Path.CurrentOS (FilePath)
 import Filesystem (readFile)
 import qualified Data.ByteString.Lazy as L
-import qualified Data.Certificate.KeyRSA as KeyRSA
-import qualified Data.PEM as PEM
 import qualified Network.TLS as TLS
-import qualified Data.Certificate.X509 as X509
-import Data.Conduit.Network (HostPreference, Application, bindPort, sinkSocket, acceptSafe, runTCPServerWithHandle, ConnectionHandle(..), serverSettings, sourceSocket)
+import Data.Conduit.Network (HostPreference, Application, sinkSocket, runTCPServerWithHandle, ConnectionHandle(..), serverSettings, sourceSocket)
 import Data.Conduit.Network.Internal (AppData (..))
 import Data.Conduit.Network.TLS.Internal
-import Data.Conduit (($$), yield, awaitForever, Producer, Consumer)
+import Data.Conduit (yield, awaitForever, Producer, Consumer)
 import qualified Data.Conduit.List as CL
-import Data.Either (rights)
-import Network.Socket (sClose, getSocketName, SockAddr (SockAddrInet))
+import Network.Socket (SockAddr (SockAddrInet))
 import Network.Socket.ByteString (recv, sendAll)
-import Control.Exception (bracket, finally)
-import Control.Concurrent (forkIO)
+import Control.Exception (bracket)
 import Control.Monad.Trans.Class (lift)
 import Control.Monad.IO.Class (liftIO, MonadIO)
 import qualified Network.TLS.Extra as TLSExtra
-import Crypto.Random.API (getSystemRandomGen, SystemRandom)
 import Network.Socket (Socket)
 import qualified Data.ByteString as S
 import qualified Data.ByteString.Char8 as S8
@@ -216,27 +208,6 @@
         (error . ("Error reading TLS credentials: " ++))
         (return . TLS.Credentials . return)
 
-readCertificates :: TlsCertData -> IO [X509.X509]
-readCertificates certData = do
-    certs <- rights . parseCerts . PEM.pemParseBS <$> getTLSCert certData
-    case certs of
-        []    -> error "no valid certificate found"
-        (_:_) -> return certs
-    where parseCerts (Right pems) = map (X509.decodeCertificate . L.fromChunks . (:[]) . PEM.pemContent)
-                                  $ filter (flip elem ["CERTIFICATE", "TRUSTED CERTIFICATE"] . PEM.pemName) pems
-          parseCerts (Left err) = error $ "cannot parse PEM file: " ++ err
-
-readPrivateKey :: TlsCertData -> IO TLS.PrivKey
-readPrivateKey certData = do
-    pk <- rights . parseKey . PEM.pemParseBS <$> getTLSKey certData
-    case pk of
-        []    -> error "no valid RSA key found"
-        (x:_) -> return x
-
-    where parseKey (Right pems) = map (fmap (TLS.PrivKeyRSA . snd) . KeyRSA.decodePrivate . L.fromChunks . (:[]) . PEM.pemContent)
-                                $ filter ((== "RSA PRIVATE KEY") . PEM.pemName) pems
-          parseKey (Left err) = error $ "Cannot parse PEM file: " ++ err
-
 -- | TLS requires exactly the number of bytes requested to be returned.
 recvExact :: Socket -> Int -> IO S.ByteString
 recvExact socket =
@@ -342,7 +313,6 @@
             , NC.connectionUseSecure = Nothing
             , NC.connectionUseSocks = tlsClientSockSettings
             }
-        tlsSettings = tlsClientTLSSettings
     control $ \run -> bracket
         (NC.connectTo context params)
         NC.connectionClose
diff --git a/Data/Conduit/Network/TLS/Internal.hs b/Data/Conduit/Network/TLS/Internal.hs
--- a/Data/Conduit/Network/TLS/Internal.hs
+++ b/Data/Conduit/Network/TLS/Internal.hs
@@ -6,7 +6,6 @@
 
 import Prelude hiding (FilePath)
 import Data.Conduit.Network (HostPreference)
-import Filesystem.Path.CurrentOS (FilePath)
 import qualified Data.ByteString as S
 
 -- structure providing access to certificate and key data through call backs 
diff --git a/network-conduit-tls.cabal b/network-conduit-tls.cabal
--- a/network-conduit-tls.cabal
+++ b/network-conduit-tls.cabal
@@ -1,5 +1,5 @@
 name:                network-conduit-tls
-version:             1.0.4.1
+version:             1.0.4.2
 synopsis:            Create TLS-aware network code with conduits
 description:         Uses the tls package for a pure-Haskell implementation.
 homepage:            https://github.com/snoyberg/conduit
@@ -15,19 +15,14 @@
   exposed-modules:    Data.Conduit.Network.TLS
                       Data.Conduit.Network.TLS.Internal
   build-depends:      base            >= 4        && < 5
-                    , aeson           >= 0.5
                     , system-filepath >= 0.4
                     , system-fileio   >= 0.3
                     , bytestring      >= 0.9
-                    , certificate     >= 1.2
-                    , pem             >= 0.1
                     , tls             >= 1.2.2
                     , network-conduit >= 1.0
                     , conduit         >= 1.0
                     , network
                     , transformers
-                    , crypto-api      >= 0.10
-                    , crypto-random-api >= 0.2
                     , cprng-aes
                     , connection
                     , monad-control
