Hello,
it seems that the default value for ssl_min_protocol has changed from
TLSv1 to TLSv1.2, right?
After upgrading to v2.3.15 and with ssl_min_protocol commented out, the
server no longer offers TLSv1 and TLSv1.1.
This is a good idea, but should be documented.