--- ./prelude-admin/server.c	2016-11-21 16:52:01.839000884 +0100
+++ ./prelude-admin/server.c	2016-11-26 11:48:52.695000891 +0100
@@ -145,22 +145,10 @@
         gnutls_session_t session;
         const char *err;
 
-#if defined LIBGNUTLS_VERSION_MAJOR && LIBGNUTLS_VERSION_MAJOR >= 3
-# define TLS_DH_STR "+ANON-ECDH:+ANON-DH"
-#else
-# define TLS_DH_STR "+ANON-DH"
-#endif
-
-#ifdef GNUTLS_SRP_ENABLED
-        const char *pstring = "NORMAL:+SRP:+SRP-DSS:+SRP-RSA:" TLS_DH_STR;
-#else
-        const char *pstring = "NORMAL:" TLS_DH_STR;
-#endif
-
         gnutls_init(&session, GNUTLS_SERVER);
         gnutls_set_default_priority(session);
 
-        ret = gnutls_priority_set_direct(session, pstring, &err);
+        ret = gnutls_priority_set_direct(session, "@SYSTEM", &err);
         if (ret < 0) {
                 fprintf(stderr, "TLS priority syntax error at: %s\n", err);
                 return NULL;
--- ./src/tls-auth.c	2016-09-15 08:49:10.809000884 +0200
+++ ./src/tls-auth.c	2016-11-30 23:08:58.649439656 +0100
@@ -232,7 +232,7 @@
                 int ret;
                 const char *errptr;
 
-                ret = gnutls_priority_init(&tls_priority, (tlsopts) ? tlsopts : "NORMAL", &errptr);
+                ret = gnutls_priority_init(&tls_priority, (tlsopts) ? tlsopts : "@SYSTEM", &errptr);
                 if ( ret < 0 )
                         return prelude_error_verbose_make(PRELUDE_ERROR_SOURCE_CLIENT, PRELUDE_ERROR_TLS,
                                                           "TLS options '%s': %s", errptr, gnutls_strerror(ret));