diff --git a/src/tcp.c b/src/tcp.c
index bd9bf1db..693b7ae2 100644
--- a/src/tcp.c
+++ b/src/tcp.c
@@ -1133,23 +1133,26 @@ static relpRetVal LIBRELP_ATTR_NONNULL()
 relpTcpTLSSetPrio_gtls(relpTcp_t *const pThis)
 {
 int r;
- char pristringBuf[4096];
- char *pristring;
 ENTER_RELPFUNC;
- /* Compute priority string (in simple cases where the user does not care...) */
+ /* Set default priority string (in simple cases where the user does not care...) */
 if(pThis->pristring == NULL) {
- if(pThis->bEnableTLSZip) {
- strncpy(pristringBuf, "NORMAL:+ANON-DH:+COMP-ALL", sizeof(pristringBuf));
- } else {
- strncpy(pristringBuf, "NORMAL:+ANON-DH:+COMP-NULL", sizeof(pristringBuf));
+ if (pThis->authmode == eRelpAuthMode_None) {
+ if(pThis->bEnableTLSZip) {
+ strncpy(pristringBuf, "NORMAL:+ANON-DH:+COMP-ALL", sizeof(pristringBuf));
+ } else {
+ strncpy(pristringBuf, "NORMAL:+ANON-DH:+COMP-NULL", sizeof(pristringBuf));
 }
- pristringBuf[sizeof(pristringBuf)-1] = '\0';
- pristring = pristringBuf;
+ } else {
+ r = gnutls_set_default_priority(pThis->session);
+ }
+ } else {
+ char *pristring;
 pristring = pThis->pristring;
+ r = gnutls_priority_set_direct(pThis->session, pristring, NULL);
+ pThis->pEngine->dbgprint("relpTcpTLSSetPrio_gtls: Setting ciphers '%s' iRet=%d\n", pristring, iRet);
 }
- r = gnutls_priority_set_direct(pThis->session, pristring, NULL);
 if(r == GNUTLS_E_INVALID_REQUEST) {
 ABORT_FINALIZE(RELP_RET_INVLD_TLS_PRIO);
 } else if(r != GNUTLS_E_SUCCESS) {
@@ -1157,8 +1160,6 @@ relpTcpTLSSetPrio_gtls(relpTcp_t *const pThis)
 }
 finalize_it:
- pThis->pEngine->dbgprint("relpTcpTLSSetPrio_gtls: Setting ciphers '%s' iRet=%d\n", pristring, iRet);
-
 if(iRet != RELP_RET_OK) {
 chkGnutlsCode(pThis, "Failed to set GnuTLS priority", iRet, r);
 }
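Review bot: In the first hunk, the `authmode == eRelpAuthMode_None` branch still copies into `pristringBuf`, whose declaration the same hunk removes, so unless a `pristringBuf` exists at file scope this should not compile. Even with the buffer restored, that branch never calls `gnutls_priority_set_direct()`, so the anonymous-DH priority string is never applied to the session and the following `if(r == GNUTLS_E_INVALID_REQUEST)` check reads an uninitialised `r`. Selecting the literal through a `const char *` and applying it inside the branch, as below, drops the buffer and assigns `r` on every path. The relocated `dbgprint` also prints `iRet` before the GnuTLS result has been evaluated; logging `r` there would be more informative. The error handling after the `else if` continues outside the hunk.

```c
		if (pThis->authmode == eRelpAuthMode_None) {
			/* anonymous DH is offered only when no peer authentication was requested */
			const char *const anonPrio = pThis->bEnableTLSZip
				? "NORMAL:+ANON-DH:+COMP-ALL"
				: "NORMAL:+ANON-DH:+COMP-NULL";
			r = gnutls_priority_set_direct(pThis->session, anonPrio, NULL);
		} else {
			/* … unchanged: gnutls_set_default_priority() call … */
```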