The default acceptor TLS protocol is the JVM's default, which changes with the JVM. In Java 8 it's TLS1.2 and since Java 11 it's TLS1.3. This means that versions of the same broker will only change behaviour when running on a different, even supported, JVM version.

There is only one line about this, in the `enabledProtocols` configuration option, which controls the TLS procol version, but only for standalone [1], nothing for OpenShift. So far it is not possible to specify TLS1.3, but the fix is on the way [2].

Also, `enabledProtocols` is quite ambiguous as it seems to refer to the messaging protocol and not the TLS version.

Available cipher suites are affected in the same way (`enabledCipherSuites`).

[1]
https://access.redhat.com/documentation/en-us/red_hat_amq_broker/7.11/html-single/configuring_amq_broker/index#ref-br-tls-configuration-options_configuring

[2]
rhn-support-rkieley is working on the related upstream ticket https://github.com/artemiscloud/activemq-artemis-operator/issues/722