let's enable vTLS 1.3

[kinjelom]

Now, there is no way to enable TLS v1.3, let's enable TLS v1.3.

[maxmoehl]

Could you please explain your change? I don't see how this changes anything related to TLSv1.3.

[domdom82]

sslv3 is not TLSv1.3. More like TLSv1.0

[kinjelom]

I'm sorry, my mistake - TLS v1.3 probably doesn't work due to the OpenSSL version in the stemcell.

[maxmoehl]

It does work, but it is disabled by default. In our internal backlog we have a item to deprecate the individual no-* options in favour of exposing ssl-min-ver and ssl-max-ver. We are currently using the raw blocks to set those but this should really be a feature of the release.

ssl-max-ver
The default value is "TLSv1.2".

So if you are interested, feel free to contribute a PR :)

_{PS: I have it on my list to look into your other PR, but I have a lot on the table right now :/}

[kinjelom]

ssl-min/max-ver

@maxmoehl done: #657