
Cloud Load Balancer alternatives

Mario Giambanco
·Mar 7, 2017

Long story short -

Due to how Rackspace Cloud Load Balancers are designed, we have to put our SSL certificate in the LB config and not on the web server so we can get the user's IP address into Apache's log files.

We recently failed a PCI scan because TLS 1.0 was enabled (which I was able to turn off) and the load balancer allows for weak cipher strengths - which we cannot configure ourselves (not a feature of the load balancer).

Rackspace has no intention of disabling these weak ciphers because, obviously, there are still users out there who use IE 6.

Assuming the pen test company doesn't accept our dispute - I have a few options I know I can do, but I'm looking for something I might be missing.

1 - Switch to a dedicated load balancer - you can config the cipher strength on these, but they're about a grand a month, which we're not happy about

2 - Move to AWS - doable, but won't be easy - we have 8 servers at RS, 2 load balancers, CDN, etc... I already checked and I can disable the weak cipher strengths on Elastic Load Balancer. Unfortunately, ELB only works with AWS servers (and not external) so I can't just use ELB and point it to our servers on Rackspace (or can I?)

3 - Roll my own load balancer on a server at RS. I tried this last year and it failed using Apache Proxy - I haven't tried again since - anyone got a good doc on how to do this or know of an alternative?

4 - ??? Any other ideas?