I have yet to find the best solution to this, but if you brick your whm control panel while updating your cipher suite, here’s a good link:
Also, if anyone bricks their cpanel/whm interface, the file you need to correct is:
/var/cpanel/conf/cpsrvd/ssl_socket_args
then run:
/usr/local/cpanel/whostmgr/bin/whostmgr2 docpsrvdconfiguration
Also here’s the cipher suite that seems to work best:
Cipher List: ALL:!ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-SSLv3:-TLSv1:-EXP
Protocols List: SSLv23:!SSLv2:!SSLv3
https://forums.cpanel.net/threads/i-need-to-disable-tls-v1-0.466611/