KB Article #180189
To disable selected SSL ciphers on TNT
Problem:
How to disable the weak ciphers
Resolution:
Since TNT is a webapp that runs on Tomcat, you can disable selective ciphers in the JRE itself.
Please go to your TNT install directory and then to the following path, "[TNT Install]\jre\lib\security".
Then, open java.security with a text editor and find the line "jdk.tls.disabledAlgorithms".
For example,
jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, DESede, DES, RSA keySize < 2048
You may add any ciphers you consider weak to this parameter, save changes and restart TNT server. It should now ignore those disabled ciphers.