Can I use TLSv1.0 for one client IP, TLS v1.2 for everyone else
Solution 1:
Create two virtualhosts, differing only in the port that is used.
Use iptables to conditionally redirect the selected IP to the TLS 1.0 instance.
iptables -t nat -A PREROUTING -s CLIENT_OF_INTEREST -p tcp --dport 443 -j REDIRECT --to-port 344
Although, I must add that doing so would leave me feeling a bit yuck. It would be better, if at all possible, to make the client able to do TLS 1.2.
eg. if its Java, make sure you have the 'unlimited' crypto bits added on.
But I quite understand that this is not always possible.
Solution 2:
Yes, it's possible, you can set SSLProtocol directive for each virtualhost.
Sample config you posted seems to be OK but you are using default virtualhosts. You must better use IP:Port.
http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslprotocol
https://httpd.apache.org/docs/2.4/mod/core.html#virtualhost