ssl-proxy

Hardening: TLS >= 1.2, limit cipher suites

Open cstsw opened this issue 2 years ago • 1 comments

In order to provide a reasonably secure TLS configuration, the following defaults have been set:

  • Don't use TLS versions below 1.2 as those are vulnerable to attacks such as BEAST (CVE-2011-3389) and FREAK (CVE-2015-0204)
  • Exclude ciphers known to be vulnerable, i.e. (3)DES, RC4, CBC ciphers

cstsw, Jun 24 '22 11:06
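The two defaults listed above, written as a Go `crypto/tls` configuration. This is an added example, not code from this issue or from ssl-proxy; `HardenedConfig`, `hardenedSuites`, `supportsTLS12` and `isWeak` are hypothetical names, and the suite list is derived from whatever the local Go toolchain implements.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"strings"
)

// weakMarkers are substrings of IANA suite names for the families the
// issue excludes: (3)DES, RC4 and CBC-mode suites.
var weakMarkers = []string{"DES", "RC4", "CBC"}

func isWeak(name string) bool {
	for _, m := range weakMarkers {
		if strings.Contains(name, m) {
			return true
		}
	}
	return false
}

func supportsTLS12(s *tls.CipherSuite) bool {
	for _, v := range s.SupportedVersions {
		if v == tls.VersionTLS12 {
			return true
		}
	}
	return false
}

// hardenedSuites returns the TLS 1.2 suites Go implements, minus weak ones.
// TLS 1.3 suites are skipped: Go does not let callers configure them.
func hardenedSuites() []uint16 {
	var ids []uint16
	for _, s := range tls.CipherSuites() {
		if !isWeak(s.Name) && supportsTLS12(s) {
			ids = append(ids, s.ID)
		}
	}
	return ids
}

// HardenedConfig is a hypothetical helper (assumption, not ssl-proxy's API).
func HardenedConfig() *tls.Config {
	return &tls.Config{MinVersion: tls.VersionTLS12, CipherSuites: hardenedSuites()}
}

func main() {
	for _, id := range HardenedConfig().CipherSuites {
		fmt.Println(tls.CipherSuiteName(id)) // suites a TLS 1.2 client may negotiate
	}
}
```

Depending on the Go version, the printed list can still contain AES-GCM suites that use plain RSA key exchange, since the two rules above do not exclude them.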

My suggestion for a reasonably secure TLS configuration in order to address #42

cstsw, Jun 24 '22 11:06