What version of node.js are you using? This isn't something we explicitly set in the node and let the underlying tls layer negotiate with the remote server its connecting to.
We don't expose any option to force the client to use a particular TLS version. As I understand it, it will negotiate with the server to find a mutually available version.
Looking at the documentation for the node.js tls module, the default minimum TLS version is already set to TLSv1.2 - so it should be using that if both client and server support it.
Have you verified you can create a TLS 1.2 connection to your RabbitMQ server from another client?
We could certainly add some other options to the TLS Config node in node-red, but given the above, I'm not sure it would help.
Given you're using Node 12, which has tls.DEFAULT_MIN_VERSION set to TLS 1.2 already, I don't know why its connecting with 1.0. Based on the node.js docs, I don't think it should be doing that at all -there's no code in the MQTT node that modifies the TLS min version.
Could be - node-red locks on to MQTT.js V2.18.8 - thats from 2y ago - current version in NPM is 4.1.0
node-red package.json "mqtt": "2.18.8",
Not 100% sure that would be the reason for TLS 1.0 though.
EDIT...
Rather than just a throw away comment - I am gonna do a quick test to see what happens (from a compatibility / usability POV) if we force node-red to use V3.0.0 or V4.1.0 - then I'll feedback how to do it for @vp2021 to test if that fixes the TLS neg issue
I seem to remember on a non node-red project I simply replaced MQTT.js without issue.
END EDIT
__(slightly off topic) __
While on the subject of MQTT - would be nice to see some of MQTT v5 goodness in node red - in particular...
User Properties
Payload Format Indicator & Content Type
Response Topic and Request /Response Pattern
... though I have no idea how they would look/fit together in node-red land
Yes, off topic - let's not change the subject, if you want to discuss v5 support in the core please start a new topic. Of course I'm well aware of this (I'm on the MQTT standards technical committee). But so far, no-one has offered to do all the work needed, so it sits in the backlog.