TLS Cipher Suite selection
Our client is a test out of 2016.1 (Build 656U) Healthshare that wants to do a one way SSL connection to our Java 1.7/Tomcat 8.0 server. We have yet to come up with a secure cipher set that Healthshare and Java agree on for the handshake. So far we've had to use these ciphers identified which are not recommended (though it does do a handshake properly). Our definition of "secure cipher set" comes from this best practices section 2.3 and ideally we'd like to use the ciphers identified. Are any of these available in HealthShare 2016+?
Our setup: In Healthshare, we have an SSL/TLS configuration setup that sets a Client type, points to a trusted CA certificate, set for TLSv1.0, TLSv1.1, and TLSv1.2 protocols, and enables these ciphers: ALL:!aNULL:!eNULL:!EXP:!SSLv2. With the weaker ciphers selected, we establish handshake successfully.
Thanks!