Your title is misleading.  TLS 1.2 has been in use for some time.  tls-crypt is what's new.   Paste in the tls-crypt.key info into the key field, and then below it select the option for authentication and encryption.   Then also change the auth digest to SHA512.  that should be what you need to connect.   If you aren't already doing it, you should also see performance improvement using AES-256-GCM as data cipher vs CBC