Change MinTLSVersion to TLSv1.2

[dveeden]

What problem does this PR solve?

Issue Number: ref pingcap/tidb#36036

Problem Summary:

IETF RFC 8996 says TLSv1.1 and older should not be used by default.

What is changed and how it works:

This changes the minimum TLS version to TLSv1.2.

Check List

Tests

• Unit test
• Integration test
• Manual test (add detailed scripts or steps below)
• No code

Notable changes

• Has configuration change
• Has HTTP API interfaces change
• Has tiproxyctl change
• Other user behavior changes

Release note

Please refer to Release Notes Language Style Guide to write a quality release note.

The minimum TLS version was changed to TLSv1.2. This can be changed in the configuration file.

Warning

This change should be clearly listed in release notes etc as depending on the MySQL driver and connection configuration this might lead to problems.

[djshow832]

I heard that pingcap/tidb#36037 is under discussion. I'll merge this PR after the TiDB PR is merged because TiProxy needs to be consistent with TiDB.

[ti-chi-bot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: djshow832

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [djshow832]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[ti-chi-bot]

[LGTM Timeline notifier]

Timeline:

• 2024-01-05 08:20:43.590802707 +0000 UTC m=+2417934.628029635: ☑️ agreed by djshow832.
• 2024-01-05 08:29:19.767912438 +0000 UTC m=+2418450.805139366: ✖️🔁 reset by djshow832.
• 2024-01-05 08:29:44.708863444 +0000 UTC m=+2418475.746090371: ☑️ agreed by djshow832.