Review/adapt TLS ciphers

CentOS Infra issue/request

Please file this generic issue template or feel free to select another one in the list above (Description / Choose a template)

Issue Type

[] Issue - problem with something that was working
Feature Request - something you'd like us to add/modify/change
[] Task - mostly used by CentOS Infra team for day-to-day operations or bigger plans

Description

It's a good practice to review our TLS settings/ciphers for exposed (and encrypted TLS) services, like https or smtp (with starttls). Reviewing different openssl version and options can be tuned as while we still have some (very few) el8 host, majority is now running on el9 and we also started to deploy el10

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information