Can a Web Server Have TLS Version Specific Cipher Suite Configuration?
In theory, it would be possible to set the available ciphers and cipher order depending on the TLS protocol version used by the client. However, in practice, none of the common web servers supports this functionality.
While it may seem useful to have different cipher suites and preference order for different TLS versions, it is questionable what practical use this feature would have. This is because cipher selection is primarily based on the ciphers offered by the client. For example, if the client does not offer GCM ciphers with TLS 1.2, then the handshake would fail if only GCM ciphers are available on the server side. Therefore, the main purpose of such configuration would likely be to deceive analysis tools like SSL Labs, making it appear that the site does not support certain ciphers even if it does for older clients.