Well, the rest of the community may not be as traditionalist as I am, but if you keep seeing “unknown” cipher on start up then you too may be a victim of upper-case expectations.
;; SSL Cipher Suites
SSL_CIPHER_SUITES=aes_128_gcm_sha256,aes_256_gcm_sha384,chacha20_poly1305_sha256
It doesn’t help that Openssl introduced TLS13 prefixes, or that the spec still lists older ciphers. 
I hope this helps someone else out of an embarrassing amount of time spent.