Comment 3 for bug 1845263

"Testcase" (less than full cert setup):
$ apt install apache2
$ a2enmod ssl
$ vim /etc/apache2/mods-enabled/ssl.conf:
Change protocols to:
  SSLProtocol all -SSLv3 +TLSv1.2 TLSv1.3
For an SRU we might want more, but that is enough to check if a given apache already has TLSv1.3

With that I confirmed your expectation that >=Disco is already fine in that regard.