@stager999
Interesting. the --ssl-version TLS_SERVER does not seem to do anything. But the --ciphers AES256-GCM-SHA384:AES128-GCM-SHA256 seems to something. I guess those ciphers are not available in pre TLS1.2.
BUT my sslyze (Github Link) warns me that now TLS1.2 does not provide Forward Secrecy anymore. That is definitely undesirable. Also the list of ciphers is substantially smaller.