Stuart Henderson wrote at https://www.monitoring-plugins.org/archive/devel/2015-September/010076.html:
You could do something like this which changes the default check to TLSv1.0+ (I think at this point in the game it's reasonable to consider a service which doesn't TLS at all as down/broken ;-) and adds a new option to enforce TLSv1.2+ (allowing it to autodetect and connect to future protocol versions). [check_http_support_TLS_v1.2.patch.txt](https://github.com/monitoring-plugins/monitoring-plugins/files/2220/check_http_support_TLS_v1.2.patch.txt) -- Reply to this email on GitHub: https://github.com/monitoring-plugins/monitoring-plugins/issues/1338#issuecomment-141904034
