Disabling TLS v1.0

Product: PowerShell Universal
Version: 2.1.2

What’s the most appropriate way of disabling TLS 1.0 for a PowerShell Universal instance running under Kestrel?

It looks like you can disable it system wide: Breaking change: Kestrel: Default supported TLS protocol versions changed - .NET | Microsoft Docs

Otherwise, we’d likely have to add a setting to appsettings.json.

I was hoping to avoid disabling by reconfiguring SChannel (Example) because there are some core Windows services that still require TLS 1.0.
I’ll create an issue.