@@ -1240,10 +1240,14 @@
 
 #if !defined(NO_TLS1_3) && !defined(OPENSSL_NO_TLS1_3)
     if (proto == TLS_PROTO_TLS1_3) {
         SSL_CTX_set_min_proto_version (ctx, TLS1_3_VERSION);
         SSL_CTX_set_max_proto_version (ctx, TLS1_3_VERSION);
+
+	if (!isServer) {
+	    SSL_CTX_set_options(ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
+	}
     }
 #endif
     
     SSL_CTX_set_app_data( ctx, (void*)interp);	/* remember the interpreter */
     SSL_CTX_set_options( ctx, SSL_OP_ALL);	/* all SSL bug workarounds */