diff --git a/man/nbd-server.5.sgml.in b/man/nbd-server.5.sgml.in
index 4d3a33a4..41ad12d4 100644
--- a/man/nbd-server.5.sgml.in
+++ b/man/nbd-server.5.sgml.in
@@ -371,7 +371,7 @@ manpage.1: manpage.sgml
       <varlistentry>
         <term><option>tlsprio</option></term>
 	<listitem>
-	  <para>Optional; string; default NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+VERS-TLS1.3:%SERVER_PRECEDENCE</para>
+	  <para>Optional; string; default NORMAL:+VERS-TLS-ALL:-VERS-TLS1.0:-VERS-TLS1.1:%SERVER_PRECEDENCE</para>
 	  <para>This option allows to configure the GnuTLS priority
 	    string, which is used to select the algorithms which GnuTLS
 	    will allow to be negotiated with the client. The NBD
diff --git a/nbd-server.c b/nbd-server.c
index 41d09ff5..3749b74a 100644
--- a/nbd-server.c
+++ b/nbd-server.c
@@ -871,7 +871,7 @@ GArray* parse_cfile(gchar* f, struct generic_conf *const genconf, bool expect_ge
 
         memset(&genconftmp, 0, sizeof(struct generic_conf));
 
-	genconftmp.tlsprio = "NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2:+VERS-TLS1.3:%SERVER_PRECEDENCE";
+	genconftmp.tlsprio = "NORMAL:+VERS-TLS-ALL:-VERS-TLS1.0:+VERS-TLS1.1:%SERVER_PRECEDENCE";
 
         if (genconf) {
                 /* Use the passed configuration values as defaults. The