diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
index cd6d842..7c04700 100644
--- a/src/openvpn/ssl_openssl.c
+++ b/src/openvpn/ssl_openssl.c
@@ -441,7 +441,7 @@ tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers)
         /* Use sane default TLS cipher list */
         if (!SSL_CTX_set_cipher_list(ctx->ctx,
                                      /* Use openssl's default list as a basis */
-                                     "DEFAULT"
+                                     "PROFILE=SYSTEM"
                                      /* Disable export ciphers and openssl's 'low' and 'medium' ciphers */
                                      ":!EXP:!LOW:!MEDIUM"
                                      /* Disable static (EC)DH keys (no forward secrecy) */