From the Broadcom Communities thread
TLS 1.3 was only supported in Java 11. But seeing it may have been back ported to Java 8 in 8u262-b10 from AdoptOpenJDK
Spectrum uses Apache Tomcat as a webserver. It appears Spectrum 10.4.3 ships OpenJDK Runtime Environment (AdoptOpenJDK)(build 1.8.0_275-b01). So if you are running 10.4.3+, you might be able to enable TLS1.3.
From Spectrum 21.2.x documentation, the communication between OneClick and Spectrum application uses TLS 1.3 by enabling the secure CORBA. Refer to:
From 21.2.1, use Secure CORBA (TLS) for DX NetOps Spectrum Communication
By default, the value is set to No. DX NetOps Spectrum applications like SpectroSERVER, ArchMgr, and LocServer daemons listen to connections on the existing CORBA 14002,14003 & 14004 ports along with secure CORBA 14012,14013 and 14014 ports.
No: Indicates security is disabled. The OneClick server establishes insecure communication with the DX NetOps Spectrum applications.
Yes: Indicates secure communication between the OneClick server and the DX NetOps Spectrum applications using TLS v1.3 authentication.