diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js
index e91e9f8aae4736..5e0f648797d661 100644
--- a/lib/_tls_wrap.js
+++ b/lib/_tls_wrap.js
@@ -21,17 +21,21 @@
 
 'use strict';
 
-require('internal/util').assertCrypto();
+const {
+  assertCrypto,
+  deprecate
+} = require('internal/util');
+
+assertCrypto();
 
 const assert = require('internal/assert');
 const crypto = require('crypto');
 const net = require('net');
 const tls = require('tls');
-const util = require('util');
 const common = require('_tls_common');
 const JSStreamSocket = require('internal/js_stream_socket');
 const { Buffer } = require('buffer');
-const debug = util.debuglog('tls');
+const debug = require('internal/util/debuglog').debuglog('tls');
 const { TCP, constants: TCPConstants } = internalBinding('tcp_wrap');
 const tls_wrap = internalBinding('tls_wrap');
 const { Pipe, constants: PipeConstants } = internalBinding('pipe_wrap');
@@ -393,7 +397,8 @@ function TLSSocket(socket, opts) {
   // Read on next tick so the caller has a chance to setup listeners
   process.nextTick(initRead, this, socket);
 }
-util.inherits(TLSSocket, net.Socket);
+Object.setPrototypeOf(TLSSocket.prototype, net.Socket.prototype);
+Object.setPrototypeOf(TLSSocket, net.Socket);
 exports.TLSSocket = TLSSocket;
 
 var proxiedMethods = [
@@ -985,7 +990,8 @@ function Server(options, listener) {
   }
 }
 
-util.inherits(Server, net.Server);
+Object.setPrototypeOf(Server.prototype, net.Server.prototype);
+Object.setPrototypeOf(Server, net.Server);
 exports.Server = Server;
 exports.createServer = function createServer(options, listener) {
   return new Server(options, listener);
@@ -1133,7 +1139,7 @@ Server.prototype.setTicketKeys = function setTicketKeys(keys) {
 };
 
 
-Server.prototype.setOptions = util.deprecate(function(options) {
+Server.prototype.setOptions = deprecate(function(options) {
   this.requestCert = options.requestCert === true;
   this.rejectUnauthorized = options.rejectUnauthorized !== false;