diff --git a/tls/handshake_server.go b/tls/handshake_server.go
index 0d90765..3ad1f19 100644
--- a/tls/handshake_server.go
+++ b/tls/handshake_server.go
@@ -230,7 +230,7 @@ Curves:
 			// The client is doing a fallback connection.
 			if hs.clientHello.vers < c.config.MaxVersion {
 				c.sendAlert(alertInappropriateFallback)
-				return false, errors.New("tls: client using inppropriate protocol fallback")
+				return false, errors.New("tls: client using inappropriate protocol fallback")
 			}
 			break
 		}
diff --git a/tls/handshake_server_test.go b/tls/handshake_server_test.go
index 0338af4..a07905c 100644
--- a/tls/handshake_server_test.go
+++ b/tls/handshake_server_test.go
@@ -641,7 +641,7 @@ func TestHandshakeServerSNIGetCertificateError(t *testing.T) {
 	runServerTestTLS12(t, test)
 }
 
-// TestCipherSuiteCertPreferance ensures that we select an RSA ciphersuite with
+// TestCipherSuiteCertPreference ensures that we select an RSA ciphersuite with
 // an RSA certificate and an ECDSA ciphersuite with an ECDSA certificate.
 func TestCipherSuiteCertPreferenceECDSA(t *testing.T) {
 	config := *testConfig
@@ -720,7 +720,7 @@ func TestFallbackSCSV(t *testing.T) {
 		name: "FallbackSCSV",
 		// OpenSSL 1.0.1j is needed for the -fallback_scsv option.
 		command: []string{"openssl", "s_client", "-fallback_scsv"},
-		expectHandshakeErrorIncluding: "inppropriate protocol fallback",
+		expectHandshakeErrorIncluding: "inappropriate protocol fallback",
 	}
 	runServerTestTLS11(t, test)
 }