diff --git a/config/config.go b/config/config.go
index 27a61ff70..2442f64b2 100644
--- a/config/config.go
+++ b/config/config.go
@@ -1306,11 +1306,12 @@ func (re Regexp) MarshalYAML() (interface{}, error) {
 type RemoteWriteConfig struct {
 	URL                 *URL             `yaml:"url,omitempty"`
 	RemoteTimeout       model.Duration   `yaml:"remote_timeout,omitempty"`
-	BasicAuth           *BasicAuth       `yaml:"basic_auth,omitempty"`
-	TLSConfig           TLSConfig        `yaml:"tls_config,omitempty"`
-	ProxyURL            URL              `yaml:"proxy_url,omitempty"`
 	WriteRelabelConfigs []*RelabelConfig `yaml:"write_relabel_configs,omitempty"`
 
+	// We cannot do proper Go type embedding below as the parser will then parse
+	// values arbitrarily into the overflow maps of further-down types.
+	HTTPClientConfig HTTPClientConfig `yaml:",inline"`
+
 	// Catches all undefined fields and must be empty after parsing.
 	XXX map[string]interface{} `yaml:",inline"`
 }
@@ -1332,9 +1333,10 @@ func (c *RemoteWriteConfig) UnmarshalYAML(unmarshal func(interface{}) error) err
 type RemoteReadConfig struct {
 	URL           *URL           `yaml:"url,omitempty"`
 	RemoteTimeout model.Duration `yaml:"remote_timeout,omitempty"`
-	BasicAuth     *BasicAuth     `yaml:"basic_auth,omitempty"`
-	TLSConfig     TLSConfig      `yaml:"tls_config,omitempty"`
-	ProxyURL      URL            `yaml:"proxy_url,omitempty"`
+
+	// We cannot do proper Go type embedding below as the parser will then parse
+	// values arbitrarily into the overflow maps of further-down types.
+	HTTPClientConfig HTTPClientConfig `yaml:",inline"`
 
 	// Catches all undefined fields and must be empty after parsing.
 	XXX map[string]interface{} `yaml:",inline"`
diff --git a/storage/remote/client.go b/storage/remote/client.go
index e321200c0..d27c59c56 100644
--- a/storage/remote/client.go
+++ b/storage/remote/client.go
@@ -27,8 +27,8 @@ import (
 
 	"github.com/prometheus/common/model"
 	"github.com/prometheus/prometheus/config"
+	"github.com/prometheus/prometheus/retrieval"
 	"github.com/prometheus/prometheus/storage/metric"
-	"github.com/prometheus/prometheus/util/httputil"
 )
 
 // Client allows reading and writing from/to a remote HTTP endpoint.
@@ -40,35 +40,22 @@ type Client struct {
 }
 
 type clientConfig struct {
-	url       *config.URL
-	tlsConfig config.TLSConfig
-	proxyURL  *config.URL
-	basicAuth *config.BasicAuth
-	timeout   model.Duration
+	url              *config.URL
+	timeout          model.Duration
+	httpClientConfig config.HTTPClientConfig
 }
 
 // NewClient creates a new Client.
 func NewClient(index int, conf *clientConfig) (*Client, error) {
-	tlsConfig, err := httputil.NewTLSConfig(conf.tlsConfig)
+	httpClient, err := retrieval.NewHTTPClient(conf.httpClientConfig)
 	if err != nil {
 		return nil, err
 	}
 
-	// The only timeout we care about is the configured push timeout.
-	// It is applied on request. So we leave out any timings here.
-	var rt http.RoundTripper = &http.Transport{
-		Proxy:           http.ProxyURL(conf.proxyURL.URL),
-		TLSClientConfig: tlsConfig,
-	}
-
-	if conf.basicAuth != nil {
-		rt = httputil.NewBasicAuthRoundTripper(conf.basicAuth.Username, conf.basicAuth.Password, rt)
-	}
-
 	return &Client{
 		index:   index,
 		url:     conf.url,
-		client:  httputil.NewClient(rt),
+		client:  httpClient,
 		timeout: time.Duration(conf.timeout),
 	}, nil
 }
diff --git a/storage/remote/read.go b/storage/remote/read.go
index 1021310e7..6ab0655b4 100644
--- a/storage/remote/read.go
+++ b/storage/remote/read.go
@@ -36,11 +36,9 @@ func (r *Reader) ApplyConfig(conf *config.Config) error {
 	clients := []*Client{}
 	for i, rrConf := range conf.RemoteReadConfigs {
 		c, err := NewClient(i, &clientConfig{
-			url:       rrConf.URL,
-			tlsConfig: rrConf.TLSConfig,
-			proxyURL:  &rrConf.ProxyURL,
-			basicAuth: rrConf.BasicAuth,
-			timeout:   rrConf.RemoteTimeout,
+			url:              rrConf.URL,
+			timeout:          rrConf.RemoteTimeout,
+			httpClientConfig: rrConf.HTTPClientConfig,
 		})
 		if err != nil {
 			return err
diff --git a/storage/remote/write.go b/storage/remote/write.go
index 069ea0a41..825bf3fab 100644
--- a/storage/remote/write.go
+++ b/storage/remote/write.go
@@ -37,11 +37,9 @@ func (w *Writer) ApplyConfig(conf *config.Config) error {
 	// as this can be quite disruptive.
 	for i, rwConf := range conf.RemoteWriteConfigs {
 		c, err := NewClient(i, &clientConfig{
-			url:       rwConf.URL,
-			tlsConfig: rwConf.TLSConfig,
-			proxyURL:  &rwConf.ProxyURL,
-			basicAuth: rwConf.BasicAuth,
-			timeout:   rwConf.RemoteTimeout,
+			url:              rwConf.URL,
+			timeout:          rwConf.RemoteTimeout,
+			httpClientConfig: rwConf.HTTPClientConfig,
 		})
 		if err != nil {
 			return err