Forum Moderators: phranque


SSLLabs "B" score due to protocol support

How to fix?

         

NickMNS

3:27 pm on Jun 20, 2021 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



According to the SSL Labs SSL test, my website scores a "B". The report shows that the problem is caused by the SSL protocols accepted by my server (Apache 2.4). It shows that my server accepts 1.0, 1.1 (both marked as orange in the report), 1.2 and 1.3 (green), and that 2.0 and 3.0 are not supported.

How do I fix this? A quick search suggests that I should use the SSLProtocol directive in the virtual host, but what is the proper setting?

SSLProtocol TLSv1.2


Does this have an impact on the certificate used?

Dimitri

9:54 pm on Jun 20, 2021 (gmt 0)

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month



I have not used Apache for 10 or 15 years, but you can try this:
SSLProtocol all -TLSv1 -TLSv1.1

or
SSLProtocol -all +TLSv1.2 +TLSv1.3

If I were still using Apache, I would use this last one.

"Does this have an impact on the certificate used?"

No.
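
Added example, not part of the original posts and not Apache's own code: a simplified Python model of how an `SSLProtocol` value is evaluated left to right, run over the values suggested in this thread. The function names and the contents of `all` are assumptions; what `all` expands to depends on the httpd and OpenSSL build.

```python
KNOWN = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3")
DEPRECATED = {"SSLv3", "TLSv1", "TLSv1.1"}
# Assumption: this default models a build with TLSv1.3 support and SSLv3
# compiled out; pass a different tuple to model another build.
DEFAULT_ALL = ("TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3")

def effective_protocols(value, all_protocols=DEFAULT_ALL):
    """Return the protocols left enabled by an SSLProtocol argument string."""
    canon = {p.lower(): p for p in KNOWN}
    enabled = set()
    for token in value.split():
        action = token[0] if token[0] in "+-" else ""
        name = token[len(action):].lower()
        if name == "all":
            selected = set(all_protocols)
        elif name in canon:
            selected = {canon[name]}
        else:
            raise ValueError(f"unknown protocol {token!r}")
        if action == "-":
            enabled -= selected
        elif action == "+":
            enabled |= selected
        else:  # a bare name replaces whatever was set before it
            enabled = selected
    return [p for p in KNOWN if p in enabled]

def audit_config(text, all_protocols=DEFAULT_ALL):
    """Return (line_no, enabled, deprecated_still_enabled) per SSLProtocol line."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0].lower() == "sslprotocol":
            enabled = effective_protocols(parts[1], all_protocols)
            findings.append((no, enabled, [p for p in enabled if p in DEPRECATED]))
    return findings

# Constructed sample: a line that only removes SSLv3, then the three values
# proposed in the thread.
SAMPLE = """\
SSLProtocol all -SSLv3
SSLProtocol TLSv1.2
SSLProtocol all -TLSv1 -TLSv1.1
SSLProtocol -all +TLSv1.2 +TLSv1.3
"""

if __name__ == "__main__":
    for no, enabled, weak in audit_config(SAMPLE):
        print(f"line {no}: enabled={enabled} deprecated={weak or 'none'}")
```

In this model the `-all +TLSv1.2 +TLSv1.3` form gives the same result whatever `all` expands to, while `all -TLSv1 -TLSv1.1` keeps anything else the build includes in `all`. It models the Apache origin only, not a proxy in front of it.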

No5needinput

12:33 pm on Jun 21, 2021 (gmt 0)

10+ Year Member Top Contributors Of The Month



Are you using a dedicated server? If so, I get A+ from SSL Labs using:

Service Configuration > Apache Configuration > Global Configuration

SSL Cipher Suite = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384

SSL/TLS Protocols = TLSv1.2

SSL Use Stapling = ON

NickMNS

2:23 pm on Jun 21, 2021 (gmt 0)




"Are you using a dedicated server?"

No

"If so I get A+ from SSL Labs using:"

I used to have an A+ score also, but I was helping out a friend who was freaking out due to his page experience report. His score was B. So I checked my score. It was also B.

@Dimitri
Thanks, I'll give it a try and let you know.

NickMNS

6:04 pm on Jun 21, 2021 (gmt 0)




It didn't work. Actually it likely did work, but Cloudflare.

I'm using Cloudflare, so I needed to make the change in Cloudflare as it continued to accept TLSv1 requests. But this makes the fix much simpler since one can fix this in Cloudflare only and achieve an "A" score. I don't reach "A+" due to key exchange and cipher strength score, but I assume that this is due to the Cloudflare implementation.

Is there a benefit to limiting the certificate to TLSv3? It prevents older browsers, like Chrome V69, from connecting. My guess is that this should have limited impact on actual users since Chrome auto-updates, but it may prevent some outdated bots.