I just used sslscan to check for the ciphers offered by mikrotik ssl connection. It's mostly fine, being the only non-recommnendec cipher the DES-CBC-SHA, can it be disabled somehow? I have looked into the forum, but I couldn't find anything relevant.

There was another user that made the same check some time ago, and since then TLSv1.2 has been added the available criptography options. Link here