So I read that Firefox, Chrome, Safari and Edge is dropping support for TLS 1.0, 1.1, so should we still support them or drop the support as well? I would also suggest ISPConfig support to TLS 1.3 by default since openssl 1.1.1 is already finalized though is not yet available as an installable package as yet.
Dropping support for these protocols right now might be an issue especially for companies as these do not install bleeding edge versions of browsers and there are probably many devices like phones or tablets which do not get updates will not be able to visit sites hosted on that server anymore, so web users won't be happy with such a move. When browsers drop support for these protocols, then it should be fine when the server still offers them, the browser just won't use the older protocol. But in the end, the administrator of the server can decide that for his system, maybe we can make it easier to set the allowed protocols by making them configurable in the UI though. In regard to TLS 1.3, we should add it when the Linux distribution where ISPConfig is installed on supports it. There are some really old Distributions like CentOS 6 which have still LTS support. So what we probably need is to add some code that detects which TLS versions are supported by the OS.
