diff --git a/freeradius-Use-system-crypto-policy-by-default.patch b/freeradius-Use-system-crypto-policy-by-default.patch
index 836a81a..199e583 100644
--- a/freeradius-Use-system-crypto-policy-by-default.patch
+++ b/freeradius-Use-system-crypto-policy-by-default.patch
@@ -1,20 +1,30 @@
-From d78bf5ab1f5c8102b2b6051cfb1198488be9597d Mon Sep 17 00:00:00 2001
-From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
-Date: Mon, 26 Sep 2016 19:48:36 +0300
-Subject: [PATCH] Use system crypto policy by default
+From a7ed62fbcc043a9ec7a4f09962a2cd2acffa019b Mon Sep 17 00:00:00 2001
+From: Alexander Scheel <ascheel@redhat.com>
+Date: Wed, 8 May 2019 10:16:31 -0400
+Subject: [PATCH] Use system-provided crypto-policies by default
 
+Signed-off-by: Alexander Scheel <ascheel@redhat.com>
 ---
- raddb/mods-available/eap        | 2 +-
+ raddb/mods-available/eap        | 4 ++--
  raddb/mods-available/inner-eap  | 2 +-
  raddb/sites-available/abfab-tls | 2 +-
  raddb/sites-available/tls       | 4 ++--
- 4 files changed, 5 insertions(+), 5 deletions(-)
+ 4 files changed, 6 insertions(+), 6 deletions(-)
 
 diff --git a/raddb/mods-available/eap b/raddb/mods-available/eap
-index 94494b2c6..9a8dc9327 100644
+index 36849e10f2..b28c0f19c6 100644
 --- a/raddb/mods-available/eap
 +++ b/raddb/mods-available/eap
-@@ -912,7 +912,7 @@
+@@ -368,7 +368,7 @@ eap {
+ 		#
+ 		#  For EAP-FAST, use "ALL:!EXPORT:!eNULL:!SSLv2"
+ 		#
+-		cipher_list = "DEFAULT"
++		cipher_list = "PROFILE=SYSTEM"
+ 
+ 		#  If enabled, OpenSSL will use server cipher list
+ 		#  (possibly defined by cipher_list option above)
+@@ -912,7 +912,7 @@ eap {
  		#  Note - for OpenSSL 1.1.0 and above you may need
  		#  to add ":@SECLEVEL=0"
  		#
@@ -24,10 +34,10 @@ index 94494b2c6..9a8dc9327 100644
  		#  PAC lifetime in seconds (default: seven days)
  		#
 diff --git a/raddb/mods-available/inner-eap b/raddb/mods-available/inner-eap
-index 2b4df6267..af9aa88cd 100644
+index 576eb7739e..ffa07188e2 100644
 --- a/raddb/mods-available/inner-eap
 +++ b/raddb/mods-available/inner-eap
-@@ -68,7 +68,7 @@ eap inner-eap {
+@@ -77,7 +77,7 @@ eap inner-eap {
  		#  certificates.  If so, edit this file.
  		ca_file = ${cadir}/ca.pem
  
@@ -37,7 +47,7 @@ index 2b4df6267..af9aa88cd 100644
  		#  You may want to set a very small fragment size.
  		#  The TLS data here needs to go inside of the
 diff --git a/raddb/sites-available/abfab-tls b/raddb/sites-available/abfab-tls
-index 5dbe143da..46b5fea78 100644
+index 92f1d6330e..cd69b3905a 100644
 --- a/raddb/sites-available/abfab-tls
 +++ b/raddb/sites-available/abfab-tls
 @@ -19,7 +19,7 @@ listen {
@@ -50,10 +60,10 @@ index 5dbe143da..46b5fea78 100644
  		cache {
  			enable = no
 diff --git a/raddb/sites-available/tls b/raddb/sites-available/tls
-index cf1cd7a8a..7dd59cb6f 100644
+index bbc761b1c5..83cd35b851 100644
 --- a/raddb/sites-available/tls
 +++ b/raddb/sites-available/tls
-@@ -197,7 +197,7 @@ listen {
+@@ -215,7 +215,7 @@ listen {
  		# Set this option to specify the allowed
  		# TLS cipher suites.  The format is listed
  		# in "man 1 ciphers".
@@ -62,7 +72,7 @@ index cf1cd7a8a..7dd59cb6f 100644
  
  		# If enabled, OpenSSL will use server cipher list
  		# (possibly defined by cipher_list option above)
-@@ -499,7 +499,7 @@ home_server tls {
+@@ -517,7 +517,7 @@ home_server tls {
  		# Set this option to specify the allowed
  		# TLS cipher suites.  The format is listed
  		# in "man 1 ciphers".
@@ -72,5 +82,5 @@ index cf1cd7a8a..7dd59cb6f 100644
  
  }
 -- 
-2.13.2
+2.21.0