diff --git a/roles/nginx/templates/https.j2 b/roles/nginx/templates/https.j2
index efd215c..07b8d80 100644
--- a/roles/nginx/templates/https.j2
+++ b/roles/nginx/templates/https.j2
@@ -29,7 +29,7 @@
     ssl_protocols {{ nginx_ssl_protocols }};
     ssl_ecdh_curve {{ nginx_ssl_ecdh_curve }};
     ssl_ciphers "{{ tls_cipher_suite }}";
-    ssl_prefer_server_ciphers on;
+    ssl_prefer_server_ciphers off;
 
     {# OSCP stapling only works with real certs #}
     {% if use_letsencrypt == true or item.tls_certificate_path %}