It's the other way arround: the primary config has EDH enabled but the second has it dropped by using the !-sign. The second setting provides weaker settings possibly to overcome old implementations which cannot deal with large cipher lists and new settings. You can check the resulting ciperlist using "openssl ciphers -v 'ALL:!ADH:+RC4:@STRENGTH'".
Very helpful. Thanks for pointing me into the right direction!
This is nice and helpful comment to share by you.