Ability to specify TLS options #10062

@jose-pr

Feature description

It would be nice to be able to specify TLS versions to use and ciphers to comply with requirements such as FIPS.
Current options I am looking into are:

  • Specify which TLS version to use: v1.2, v1.3 or both
  • Specify which ciphers to use
  • Do this from the main config
  • Apply to all TLS connections (GUI/transfers)

Problem or use case

For some deployments like USG, not all TLS ciphers are approved for use. Scans are made of the network and Syncthing ports are flagged as they support unauthorized ciphers.
This would allow conforming to the security standards required by the deployment.

Alternatives or workarounds

Not sure. I currently put the GUI behind nginx and can set the correct ciphers for it, but I am not sure I can do that for the data TLS connection.
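As an added illustration (not Syncthing's code and not part of the original issue), this is roughly what the requested options map to in Go's standard `crypto/tls` package. The function name `BuildTLSConfig` and the option strings are hypothetical. It also shows a constraint any such option runs into: `crypto/tls` honours `CipherSuites` only for TLS 1.2 and below, so TLS 1.3 suites cannot be selected this way.

```go
package main

import (
	"crypto/tls"
	"fmt"
)

// Hypothetical config strings mapped to crypto/tls version constants.
var versions = map[string]uint16{"1.2": tls.VersionTLS12, "1.3": tls.VersionTLS13}

// BuildTLSConfig (hypothetical helper) turns a min/max version and a list of
// IANA cipher suite names into a *tls.Config. Names it cannot honour are
// rejected with an error instead of being silently dropped.
func BuildTLSConfig(minVer, maxVer string, cipherNames []string) (*tls.Config, error) {
	lo, okLo := versions[minVer]
	hi, okHi := versions[maxVer]
	if !okLo || !okHi || lo > hi {
		return nil, fmt.Errorf("invalid TLS version range %q..%q", minVer, maxVer)
	}
	// Only suites Go lists as secure AND usable with TLS 1.2 are selectable.
	// tls.InsecureCipherSuites() is deliberately not consulted, and TLS 1.3
	// suites are excluded because crypto/tls ignores them in CipherSuites.
	known := map[string]uint16{}
	for _, cs := range tls.CipherSuites() {
		for _, v := range cs.SupportedVersions {
			if v == tls.VersionTLS12 {
				known[cs.Name] = cs.ID
			}
		}
	}
	cfg := &tls.Config{MinVersion: lo, MaxVersion: hi}
	for _, name := range cipherNames {
		id, ok := known[name]
		if !ok {
			return nil, fmt.Errorf("cipher suite %q is unknown, insecure or TLS 1.3-only", name)
		}
		cfg.CipherSuites = append(cfg.CipherSuites, id)
	}
	return cfg, nil
}

func main() {
	// Constructed sample values, not taken from any real deployment.
	cfg, err := BuildTLSConfig("1.2", "1.3", []string{"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"})
	if err != nil {
		panic(err)
	}
	fmt.Printf("min=%#x max=%#x suites=%#x\n", cfg.MinVersion, cfg.MaxVersion, cfg.CipherSuites)
}
```

With a range that still permits TLS 1.3, a scanner will continue to see Go's built-in TLS 1.3 suites regardless of the list passed in.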

Labels: enhancement (New features or improvements of some kind, as opposed to a problem (bug))
