There is an article about management SSL/TLS on ADFS/WAP servers: Managing SSL/TLS Protocols and Cipher Suites for AD FS
Anyhow, you should disable the lower ones, regardless of the server's role or type. They are not considered secured anymore.
And you should enable SchUseStrongCrypto on all your ADFS and WAP servers. Without SchUseStrongCrypto enabled the metadata lookup will fail if the file is hosted on a TLS1.1 or TLS1.2 server.