Here is the full list of TLS-related command-line parameters. They are available since The Bat! 8.5.8, except /TLS_DISABLE_ECDSA that became available since 9.1.10.

• /DISABLE_TLS12
  
• /TLS_DISABLE_ECDHE
  
• /TLS_DISABLE_ECDSA
  
• /TLS_VERSION_RANGE:
  
• /TLS_DISABLE_PERFECT_FORWARD_SECRECY
  
• /TLS_FORCE_PERFECT_FORWARD_SECRECY
  
• /TLS_DISABLE_DHE
  

The "/TLS_VERSION_RANGE:0-3" command line parameter is needed to specify lowest and highest SSL/TLS version minor byte number that The Bat! should support. "0" means SSL 3.0, "1" means TLS 1.0, "2" means TLS 1.1 and "3" means "TLS 1.2". For example, to disable SSL 3.0, use "/TLS_VERSION_RANGE:1-3". Another example – to only allow TLS 1.2 – use "/TLS_VERSION_RANGE:3-3"

The /TLS_DISABLE_ECDSA parameter (available since version 9.1.10) just disables cipher suites with Ellipric Curve DSA server certificates, but not ephemeral elliptic curves keys. Thus, the perfect forward secrecy keeps working with this command-line parameter, but only RSA server certificates are used. The other command-line parameters.