represent that as TLSVersion::UNDEF. For OpenSSL driver,
TLSVersion::UNDEF will trigger legacy TLSv1 connections
using TLSv1_server_method() and TLSv1_client_method().
tls-version-min <version> ['or-highest'] -- sets the minimum
TLS version we will accept from the peer. Examples for version
include "1.0", "1.1", or "1.2". If 'or-highest' is specified
and version is not recognized, we will only accept the highest TLS
version supported by the local SSL implementation.
Examples:
tls-version-min 1.1 -- fail the connection unless peer can
connect at TLS 1.1 or higher.
tls-version-min 1.3 or-highest -- require that the peer
connect at TLS 1.3 or higher, however if the local SSL
implementation doesn't support TLS 1.3 (as it wouldn't in 2013
since TLS 1.3 doesn't exist yet), reduce the minimum required
version to the highest version supported by the local SSL
implementation (such as TLS 1.2). This is intended to allow
client configurations to target higher TLS versions that are
supported on the server, even if some older clients don't
support these versions yet.