This issue has been around for a long time.
The problem isn’t with FreePBX, it’s with Sangoma’s server, which seems to be obsolete and hasn’t yet gotten an upgrade to modern security standards.
The FreePBX developers know this and hacked around it in the FreePBX 17 installer by adding this to the /etc/ssl/openssl.cnf file:
# FreePBX 17 changes - begin
[ default_conf ]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
MinProtocol = TLSv1.2
CipherString = DEFAULT:@SECLEVEL=1
# FreePBX 17 changes - end
Did you make some change to openssl that would undo the install script’s workaround?