TLS 1.2 and PFS on 10.2.4

It seems I have to use either COMPAT, NATIVE, or DEFAULT in order to get any ciphers when I check it withe tmm. I also do not want MD5, RC4, Anon DH and Export grade. Adding all those results in my original string, except the explicit mention of TLSv1_2: COMPAT:!EXPORT:EDH:!ADH:!MD5:!RC4:!SSLv3:!DES:@STRENGTH tmm shows TLS 1.2, but SSLLabs and others still do not see it. tmm --clientcipher 'COMPAT:!EXPORT:EDH:!ADH:!MD5:!RC4:!SSLv3:!DES:@STRENGTH' ID SUITE BITS PROT METHOD CIPHER MAC KEYX 0: 57 DHE-RSA-AES256-SHA 256 TLS1 Compat AES SHA EDH/RSA 1: 57 DHE-RSA-AES256-SHA 256 TLS1.2 Compat AES SHA EDH/RSA 2: 57 DHE-RSA-AES256-SHA 256 DTLS1 Compat AES SHA EDH/RSA 3: 22 DHE-RSA-DES-CBC3-SHA 192 TLS1 Compat DES SHA EDH/RSA 4: 22 DHE-RSA-DES-CBC3-SHA 192 TLS1.2 Compat DES SHA EDH/RSA 5: 22 DHE-RSA-DES-CBC3-SHA 192 DTLS1 Compat DES SHA EDH/RSA 6: 51 DHE-RSA-AES128-SHA 128 TLS1 Compat AES SHA EDH/RSA 7: 51 DHE-RSA-AES128-SHA 128 TLS1.2 Compat AES SHA EDH/RSA 8: 51 DHE-RSA-AES128-SHA 128 DTLS1 Compat AES SHA EDH/RSA