Hi ALL, We have deployed embedded tomcat in RHEL 7 with jdk 1.8. For sweet32 vulnerability, we have configured jdk.tls.disabled.algorithm to remove the encryption cipher have 64bit block size.
I need a clarification whether JDK configuration is enough for embedded tomcat to avoid sweet32 attack or through IntrospectionUtils Whether we need to configure the ciphers list. Whether there is any API to find the default list of cpihers active in Embedded tomcat similar to SSLSocket.getEnabledCipherSuite? Regards, Abirami.S
