Maxim,

Thanks for the detailed reply! In the organization I work for I see most legacy backends support TLSv1 or support both TLSv1.1/1.2.

Since every backend that supports TLSv1.1 also supports TLSv1.2 (from my org so far) I thought I was doing a small favor by leaving TLSv1.1 out of the scope.

I've changed the config to read "TLSv1.2 TLSv1.1 TLSv1" and will never ever look back.

Thanks again!!!

Brandon