Thank you so much! It works. I wish this was in the API docs somewhere (I spent countless hours searching for this!)
I would think having TLS 1.0 disabled (with 1.1 and 1.2 enabled) should soon be the default configuration for Node...
TLS 1.0 seems reasonably secure (especially compared to SSLv2 and SSLv3), but is not PCI compliant for credit card transactions...
And modern browsers support TLS 1.1 and 1.2 pretty well (for quite some time now.)