Novell ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER Manual page 73

ciphers="TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
This is a comma separated list of the JSSE names for the TLS cipher suites.
IMPORTANT: If you enter a cipher name incorrectly, Tomcat reverts to the default values,
which allow the weak ciphers to be used.
If you want to allow the SSL cipher suites, the following JSSE names can be added to the list:
SSL_RSA_WITH_RC4_128_MD5
SSL_RSA_WITH_RC4_128_SHA
For a complete list of supported cipher suites and their requirements, see
Provider (http://java.sun.com/javase/6/docs/technotes/guides/security/
SunProviders.html#SunJSSEProvider).
3 To activate the cipher list, restart Tomcat.
Linux: Enter the following command:
/etc/init.d/novell-tomcat5 restart
Windows: Enter the following commands:
net stop Tomcat5
net start Tomcat5
4 (Conditional) If you have multiple Identity Servers in your cluster configuration, repeat these
steps on each Identity Server.
The SunJSSE
Configuring an Identity Server 73