The list of ciphers for the connector can be adjusted according to your corporate security policy. For information about configuring the SSL connector for the Tomcat Server, see Configuring the SSL Connector for Tomcat Server.
The following ciphers are considered reasonably secure at this time:
-
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
-
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
-
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
-
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
-
TLS_AES_256_GCM_SHA384
-
TLS_AES_128_GCM_SHA256