diff -up librelp-1.9.0/src/tcp.c.orig librelp-1.9.0/src/tcp.c
--- librelp-1.9.0/src/tcp.c.orig	2021-04-26 12:50:02.988053548 +0200
+++ librelp-1.9.0/src/tcp.c	2021-04-26 15:12:58.292600192 +0200
@@ -1155,32 +1155,8 @@ static relpRetVal LIBRELP_ATTR_NONNULL()
 relpTcpTLSSetPrio_gtls(relpTcp_t *const pThis)
 {
 	int r;
-	char pristringBuf[4096];
-	char *pristring;
 	ENTER_RELPFUNC;
-	/* Set default priority string (in simple cases where the user does not care...) */
-	if(pThis->pristring == NULL) {
-		if (pThis->authmode == eRelpAuthMode_None) {
-			if(pThis->bEnableTLSZip) {
-				strncpy(pristringBuf, "NORMAL:+ANON-DH:+COMP-ALL", sizeof(pristringBuf));
-			} else {
-				strncpy(pristringBuf, "NORMAL:+ANON-DH:+COMP-NULL", sizeof(pristringBuf));
-			}
-			pristringBuf[sizeof(pristringBuf)-1] = '\0';
-			pristring = pristringBuf;
-			r = gnutls_priority_set_direct(pThis->session, pristring, NULL);
-		} else {
-			r = gnutls_set_default_priority(pThis->session);
-			strncpy(pristringBuf, "to recommended system default", sizeof(pristringBuf));
-			pristringBuf[sizeof(pristringBuf)-1] = '\0';
-			pristring = pristringBuf;
-		}
-
-	} else {
-		pristring = pThis->pristring;
-		r = gnutls_priority_set_direct(pThis->session, pristring, NULL);
-	}
-
+	r = gnutls_set_default_priority(pThis->session);
 	if(r == GNUTLS_E_INVALID_REQUEST) {
 		ABORT_FINALIZE(RELP_RET_INVLD_TLS_PRIO);
 	} else if(r != GNUTLS_E_SUCCESS) {
@@ -1188,7 +1164,7 @@ relpTcpTLSSetPrio_gtls(relpTcp_t *const
 	}
 
 finalize_it:
-	pThis->pEngine->dbgprint((char*)"relpTcpTLSSetPrio_gtls: Setting ciphers '%s' iRet=%d\n", pristring, iRet);
+	pThis->pEngine->dbgprint((char*)"relpTcpTLSSetPrio_gtls: Setting ciphers to system default iRet=%d\n", iRet);
 
 	if(iRet != RELP_RET_OK) {
 		chkGnutlsCode(pThis, "Failed to set GnuTLS priority", iRet, r);
@@ -1207,37 +1183,15 @@ relpTcpTLSSetPrio_gtls(LIBRELP_ATTR_UNUS
 static relpRetVal LIBRELP_ATTR_NONNULL()
 relpTcpTLSSetPrio_ossl(relpTcp_t *const pThis)
 {
-	char pristringBuf[4096];
-	char *pristring;
 	ENTER_RELPFUNC;
-	/* Compute priority string (in simple cases where the user does not care...) */
-	if(pThis->pristring == NULL) {
-		if (pThis->authmode == eRelpAuthMode_None) {
-			#if OPENSSL_VERSION_NUMBER >= 0x10100000L \
-				&& !defined(LIBRESSL_VERSION_NUMBER)
-			 /* NOTE: do never use: +eNULL, it DISABLES encryption! */
-			strncpy(pristringBuf, "ALL:+COMPLEMENTOFDEFAULT:+ADH:+ECDH:+aNULL@SECLEVEL=0",
-				sizeof(pristringBuf));
-			#else
-			strncpy(pristringBuf, "ALL:+COMPLEMENTOFDEFAULT:+ADH:+ECDH:+aNULL",
-				sizeof(pristringBuf));
-			#endif
-		} else {
-			strncpy(pristringBuf, "DEFAULT", sizeof(pristringBuf));
-		}
-		pristringBuf[sizeof(pristringBuf)-1] = '\0';
-		pristring = pristringBuf;
-	} else {
-		pristring = pThis->pristring;
-	}
 
-	if ( SSL_set_cipher_list(pThis->ssl, pristring) == 0 ){
-		pThis->pEngine->dbgprint((char*)"relpTcpTLSSetPrio_ossl: Error setting ciphers '%s'\n", pristring);
+	if ( SSL_set_cipher_list(pThis->ssl, "PROFILE=SYSTEM") == 0 ){
+		pThis->pEngine->dbgprint((char*)"relpTcpTLSSetPrio_ossl: Error setting ciphers to system default\n");
 		ABORT_FINALIZE(RELP_RET_ERR_TLS_SETUP);
 	}
 
 finalize_it:
-	pThis->pEngine->dbgprint((char*)"relpTcpTLSSetPrio_ossl: Setting ciphers '%s' iRet=%d\n", pristring, iRet);
+	pThis->pEngine->dbgprint((char*)"relpTcpTLSSetPrio_ossl: Setting ciphers to system default iRet=%d\n", iRet);
 	LEAVE_RELPFUNC;
 }
 #else