I've got a rough estimate for updating TLS from Cyphre depending on what we need of $1500-2000.
I'll ask him to post to this thread what he wants to know.
Basically I think we need TLS 1.2 with ECDHE. Full server implementation also nice to have.
Eg. TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)