diff --git a/tap/tlstapper/bpf/golang_uprobes.c b/tap/tlstapper/bpf/golang_uprobes.c
index 8c979ebc3..079449029 100644
--- a/tap/tlstapper/bpf/golang_uprobes.c
+++ b/tap/tlstapper/bpf/golang_uprobes.c
@@ -51,7 +51,7 @@ static __always_inline int golang_crypto_tls_write_uprobe(struct pt_regs *ctx) {
     __u64 pid_tgid = bpf_get_current_pid_tgid();
     b->pid = pid_tgid >> 32;
     b->fd = s->fd;
-    // ctx->rsi is common between golang_crypto_tls_write_uprobe and golang_net_http_read_uprobe
+    // ctx->rsi is common between golang_crypto_tls_write_uprobe and golang_crypto_tls_read_uprobe
     b->conn_addr = ctx->rsi; // go.itab.*net.TCPConn,net.Conn address
     b->is_request = true;
     b->len = ctx->rcx;
@@ -69,8 +69,8 @@ static __always_inline int golang_crypto_tls_write_uprobe(struct pt_regs *ctx) {
     return 0;
 }
 
-SEC("uprobe/golang_net_http_read")
-static __always_inline int golang_net_http_read_uprobe(struct pt_regs *ctx) {
+SEC("uprobe/golang_crypto_tls_read")
+static __always_inline int golang_crypto_tls_read_uprobe(struct pt_regs *ctx) {
     struct golang_read_write *b = NULL;
     b = bpf_ringbuf_reserve(&golang_read_writes, sizeof(struct golang_read_write), 0);
     if (!b) {
@@ -79,15 +79,16 @@ static __always_inline int golang_net_http_read_uprobe(struct pt_regs *ctx) {
 
     __u64 pid_tgid = bpf_get_current_pid_tgid();
     b->pid = pid_tgid >> 32;
-    // ctx->rsi is common between golang_crypto_tls_write_uprobe and golang_net_http_read_uprobe
+    // ctx->rsi is common between golang_crypto_tls_write_uprobe and golang_crypto_tls_read_uprobe
     b->conn_addr = ctx->rsi; // go.itab.*net.TCPConn,net.Conn address
     b->is_request = false;
     b->len = ctx->rax;
     b->cap = ctx->r10;
 
-    __u32 status = bpf_probe_read_str(&b->data, sizeof(b->data), (void*)ctx->r8);
+    // Address at ctx->rbx - 0x2bf holds the data
+    __u32 status = bpf_probe_read_str(&b->data, sizeof(b->data), (void*)(ctx->rbx - 0x2bf));
     if (status < 0) {
-        bpf_printk("[golang_net_http_read_uprobe] error reading data: %d", status);
+        bpf_printk("[golang_crypto_tls_read_uprobe] error reading data: %d", status);
         bpf_ringbuf_discard(b, BPF_RB_FORCE_WAKEUP);
         return 0;
     }
diff --git a/tap/tlstapper/golang_hooks.go b/tap/tlstapper/golang_hooks.go
index 4f4a5537f..4c439e39f 100644
--- a/tap/tlstapper/golang_hooks.go
+++ b/tap/tlstapper/golang_hooks.go
@@ -62,9 +62,9 @@ func (s *golangHooks) installHooks(bpfObjects *tlsTapperObjects, ex *link.Execut
 	}
 
 	// Relative offset points to
-	// [`net/http.(*persistConn).Read+92`](https://github.com/golang/go/blob/fe4de36198794c447fbd9d7cc2d7199a506c76a5/src/net/http/transport.go#L1929)
-	s.golangReadProbe, err = ex.Uprobe(golangReadSymbol, bpfObjects.GolangNetHttpReadUprobe, &link.UprobeOptions{
-		Offset: offsets.GolangReadOffset + 0x5c,
+	// [`crypto/tls.(*Conn).Read+559`](https://github.com/golang/go/blob/fe4de36198794c447fbd9d7cc2d7199a506c76a5/src/crypto/tls/conn.go#L1306)
+	s.golangReadProbe, err = ex.Uprobe(golangReadSymbol, bpfObjects.GolangCryptoTlsReadUprobe, &link.UprobeOptions{
+		Offset: offsets.GolangReadOffset + 0x22f,
 	})
 
 	if err != nil {
diff --git a/tap/tlstapper/golang_offsets.go b/tap/tlstapper/golang_offsets.go
index 183aa5e48..cf02d1438 100644
--- a/tap/tlstapper/golang_offsets.go
+++ b/tap/tlstapper/golang_offsets.go
@@ -21,7 +21,7 @@ const (
 	minimumSupportedGoVersion = "1.17.0"
 	golangVersionSymbol       = "runtime.buildVersion.str"
 	golangWriteSymbol         = "crypto/tls.(*Conn).Write"
-	golangReadSymbol          = "net/http.(*persistConn).Read"
+	golangReadSymbol          = "crypto/tls.(*Conn).Read"
 	golangSocketSymbol        = "net.socket"
 	golangDialSymbol          = "net/http.(*Transport).dialConn"
 )
diff --git a/tap/tlstapper/tlstapper_bpfeb.go b/tap/tlstapper/tlstapper_bpfeb.go
index f39bb5e29..bd214cc5e 100644
--- a/tap/tlstapper/tlstapper_bpfeb.go
+++ b/tap/tlstapper/tlstapper_bpfeb.go
@@ -77,9 +77,9 @@ type tlsTapperSpecs struct {
 //
 // It can be passed ebpf.CollectionSpec.Assign.
 type tlsTapperProgramSpecs struct {
+	GolangCryptoTlsReadUprobe   *ebpf.ProgramSpec `ebpf:"golang_crypto_tls_read_uprobe"`
 	GolangCryptoTlsWriteUprobe  *ebpf.ProgramSpec `ebpf:"golang_crypto_tls_write_uprobe"`
 	GolangNetHttpDialconnUprobe *ebpf.ProgramSpec `ebpf:"golang_net_http_dialconn_uprobe"`
-	GolangNetHttpReadUprobe     *ebpf.ProgramSpec `ebpf:"golang_net_http_read_uprobe"`
 	GolangNetSocketUprobe       *ebpf.ProgramSpec `ebpf:"golang_net_socket_uprobe"`
 	SslRead                     *ebpf.ProgramSpec `ebpf:"ssl_read"`
 	SslReadEx                   *ebpf.ProgramSpec `ebpf:"ssl_read_ex"`
@@ -169,9 +169,9 @@ func (m *tlsTapperMaps) Close() error {
 //
 // It can be passed to loadTlsTapperObjects or ebpf.CollectionSpec.LoadAndAssign.
 type tlsTapperPrograms struct {
+	GolangCryptoTlsReadUprobe   *ebpf.Program `ebpf:"golang_crypto_tls_read_uprobe"`
 	GolangCryptoTlsWriteUprobe  *ebpf.Program `ebpf:"golang_crypto_tls_write_uprobe"`
 	GolangNetHttpDialconnUprobe *ebpf.Program `ebpf:"golang_net_http_dialconn_uprobe"`
-	GolangNetHttpReadUprobe     *ebpf.Program `ebpf:"golang_net_http_read_uprobe"`
 	GolangNetSocketUprobe       *ebpf.Program `ebpf:"golang_net_socket_uprobe"`
 	SslRead                     *ebpf.Program `ebpf:"ssl_read"`
 	SslReadEx                   *ebpf.Program `ebpf:"ssl_read_ex"`
@@ -191,9 +191,9 @@ type tlsTapperPrograms struct {
 
 func (p *tlsTapperPrograms) Close() error {
 	return _TlsTapperClose(
+		p.GolangCryptoTlsReadUprobe,
 		p.GolangCryptoTlsWriteUprobe,
 		p.GolangNetHttpDialconnUprobe,
-		p.GolangNetHttpReadUprobe,
 		p.GolangNetSocketUprobe,
 		p.SslRead,
 		p.SslReadEx,
diff --git a/tap/tlstapper/tlstapper_bpfeb.o b/tap/tlstapper/tlstapper_bpfeb.o
index adddb91cc..70d3f7719 100644
Binary files a/tap/tlstapper/tlstapper_bpfeb.o and b/tap/tlstapper/tlstapper_bpfeb.o differ
diff --git a/tap/tlstapper/tlstapper_bpfel.go b/tap/tlstapper/tlstapper_bpfel.go
index df180fe62..bb330bf43 100644
--- a/tap/tlstapper/tlstapper_bpfel.go
+++ b/tap/tlstapper/tlstapper_bpfel.go
@@ -77,9 +77,9 @@ type tlsTapperSpecs struct {
 //
 // It can be passed ebpf.CollectionSpec.Assign.
 type tlsTapperProgramSpecs struct {
+	GolangCryptoTlsReadUprobe   *ebpf.ProgramSpec `ebpf:"golang_crypto_tls_read_uprobe"`
 	GolangCryptoTlsWriteUprobe  *ebpf.ProgramSpec `ebpf:"golang_crypto_tls_write_uprobe"`
 	GolangNetHttpDialconnUprobe *ebpf.ProgramSpec `ebpf:"golang_net_http_dialconn_uprobe"`
-	GolangNetHttpReadUprobe     *ebpf.ProgramSpec `ebpf:"golang_net_http_read_uprobe"`
 	GolangNetSocketUprobe       *ebpf.ProgramSpec `ebpf:"golang_net_socket_uprobe"`
 	SslRead                     *ebpf.ProgramSpec `ebpf:"ssl_read"`
 	SslReadEx                   *ebpf.ProgramSpec `ebpf:"ssl_read_ex"`
@@ -169,9 +169,9 @@ func (m *tlsTapperMaps) Close() error {
 //
 // It can be passed to loadTlsTapperObjects or ebpf.CollectionSpec.LoadAndAssign.
 type tlsTapperPrograms struct {
+	GolangCryptoTlsReadUprobe   *ebpf.Program `ebpf:"golang_crypto_tls_read_uprobe"`
 	GolangCryptoTlsWriteUprobe  *ebpf.Program `ebpf:"golang_crypto_tls_write_uprobe"`
 	GolangNetHttpDialconnUprobe *ebpf.Program `ebpf:"golang_net_http_dialconn_uprobe"`
-	GolangNetHttpReadUprobe     *ebpf.Program `ebpf:"golang_net_http_read_uprobe"`
 	GolangNetSocketUprobe       *ebpf.Program `ebpf:"golang_net_socket_uprobe"`
 	SslRead                     *ebpf.Program `ebpf:"ssl_read"`
 	SslReadEx                   *ebpf.Program `ebpf:"ssl_read_ex"`
@@ -191,9 +191,9 @@ type tlsTapperPrograms struct {
 
 func (p *tlsTapperPrograms) Close() error {
 	return _TlsTapperClose(
+		p.GolangCryptoTlsReadUprobe,
 		p.GolangCryptoTlsWriteUprobe,
 		p.GolangNetHttpDialconnUprobe,
-		p.GolangNetHttpReadUprobe,
 		p.GolangNetSocketUprobe,
 		p.SslRead,
 		p.SslReadEx,
diff --git a/tap/tlstapper/tlstapper_bpfel.o b/tap/tlstapper/tlstapper_bpfel.o
index 357ba0b0c..addcbcaf9 100644
Binary files a/tap/tlstapper/tlstapper_bpfel.o and b/tap/tlstapper/tlstapper_bpfel.o differ