diff --git a/defaults/main.yml b/defaults/main.yml
index ba29258..31dbce4 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -63,9 +63,11 @@ nginx_tls_key_file: mykey.pem
 # nginx_tls_dhparam_size: # defaults to 2048
 
 nginx_tls_ciphers:
-  - ECDHE-ECDSA-CHACHA20-POLY1305
-  - ECDHE-ECDSA-AES128-GCM-SHA256
-  - ECDHE-ECDSA-AES128-SHA
+  - ECDHE-RSA-AES256-GCM-SHA512
+  - DHE-RSA-AES256-GCM-SHA512
+  - ECDHE-RSA-AES256-GCM-SHA384
+  - DHE-RSA-AES256-GCM-SHA384
+  - ECDHE-RSA-AES256-SHA384
 
 nginx_tls_ocsp_enabled: False
 # nginx_tls_ocsp_trusted_certificate: # defaults to not set