diff --git a/hscontrol/app.go b/hscontrol/app.go
index e67cadc..dec14a3 100644
--- a/hscontrol/app.go
+++ b/hscontrol/app.go
@@ -807,13 +807,13 @@ func (h *Headscale) getTLSSettings() (*tls.Config, error) {
 		}
 
 		switch h.cfg.TLS.LetsEncrypt.ChallengeType {
-		case types.TlsALPN01ChallengeType:
+		case types.TLSALPN01ChallengeType:
 			// Configuration via autocert with TLS-ALPN-01 (https://tools.ietf.org/html/rfc8737)
 			// The RFC requires that the validation is done on port 443; in other words, headscale
 			// must be reachable on port 443.
 			return certManager.TLSConfig(), nil
 
-		case types.Http01ChallengeType:
+		case types.HTTP01ChallengeType:
 			// Configuration via autocert with HTTP-01. This requires listening on
 			// port 80 for the certificate validation in addition to the headscale
 			// service, which can be configured to run on any other port.
diff --git a/hscontrol/types/config.go b/hscontrol/types/config.go
index dbbb0be..c5a9adb 100644
--- a/hscontrol/types/config.go
+++ b/hscontrol/types/config.go
@@ -159,7 +159,7 @@ func LoadConfig(path string, isFile bool) error {
 	viper.AutomaticEnv()
 
 	viper.SetDefault("tls_letsencrypt_cache_dir", "/var/www/.cache")
-	viper.SetDefault("tls_letsencrypt_challenge_type", Http01ChallengeType)
+	viper.SetDefault("tls_letsencrypt_challenge_type", HTTP01ChallengeType)
 
 	viper.SetDefault("log.level", "info")
 	viper.SetDefault("log.format", TextLogFormat)
@@ -216,15 +216,15 @@ func LoadConfig(path string, isFile bool) error {
 	}
 
 	if (viper.GetString("tls_letsencrypt_hostname") != "") &&
-		(viper.GetString("tls_letsencrypt_challenge_type") == TlsALPN01ChallengeType) &&
+		(viper.GetString("tls_letsencrypt_challenge_type") == TLSALPN01ChallengeType) &&
 		(!strings.HasSuffix(viper.GetString("listen_addr"), ":443")) {
 		// this is only a warning because there could be something sitting in front of headscale that redirects the traffic (e.g. an iptables rule)
 		log.Warn().
 			Msg("Warning: when using tls_letsencrypt_hostname with TLS-ALPN-01 as challenge type, headscale must be reachable on port 443, i.e. listen_addr should probably end in :443")
 	}
 
-	if (viper.GetString("tls_letsencrypt_challenge_type") != Http01ChallengeType) &&
-		(viper.GetString("tls_letsencrypt_challenge_type") != TlsALPN01ChallengeType) {
+	if (viper.GetString("tls_letsencrypt_challenge_type") != HTTP01ChallengeType) &&
+		(viper.GetString("tls_letsencrypt_challenge_type") != TLSALPN01ChallengeType) {
 		errorText += "Fatal config error: the only supported values for tls_letsencrypt_challenge_type are HTTP-01 and TLS-ALPN-01\n"
 	}
 
diff --git a/hscontrol/types/const.go b/hscontrol/types/const.go
index 3a733ea..e718eb2 100644
--- a/hscontrol/types/const.go
+++ b/hscontrol/types/const.go
@@ -5,8 +5,8 @@ import "time"
 const (
 	HTTPReadTimeout        = 30 * time.Second
 	HTTPShutdownTimeout    = 3 * time.Second
-	TlsALPN01ChallengeType = "TLS-ALPN-01"
-	Http01ChallengeType    = "HTTP-01"
+	TLSALPN01ChallengeType = "TLS-ALPN-01"
+	HTTP01ChallengeType    = "HTTP-01"
 
 	JSONLogFormat = "json"
 	TextLogFormat = "text"