Disabling Weak Ciphers
When enabling HTTPS for MCS, it may be necessary to disable some of the weaker ciphers.
This is configured within Java. The Java security configuration file is located at:
<java install>/jre/lib/security/java.securityThe relevant section may look something like this:
jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, TLSv1.2, RC4, DES, MD5withRSA, \
DH keySize < 2048, DSA keySize < 2048, RSA keySize < 2048, \
EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \
include jdk.disabled.namedCurves
Certificate ciphers