Control which ciphers are available on a DO load balancer (provisioned via Kubernetes). A quick ssllabs.com scan reveals that my LB supports a weak TLS 1.2 cipher (TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA) that I’d like to disable.