It is strongly recommended that you do not use SSL, TLS 1.0, or TLS 1.1 protocols. Some server versions may not support TLS 1.3 yet, therefore the TLS 1.2 protocol should be considered as the cornerstone configuration. Security of some of the cipher suites has degraded over time and as a result, some cipher suites are known to be insecure. Old or outdated cipher suites are often vulnerable to attacks. If they are used, the attacker may intercept or modify data in transit. It is recommended that you use only the following cipher suites:

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256