Comment 13 for bug 1571457

I'm qualifying with customer if upgrading just the bootstrap node to Xenial can be considered a workaround for them.

If we can't re-enable TLS1.0 (FWIU), I'm guessing this will have to be reverted in any case.