I have some more information on my question. I found this link:http://achorniy.wordpress.com/2009/07/15/jboss-ssl-configuration/ that describes the process of editing the server.xml file. I need to know how to translate the ciphers from the list of problem ciphers to the format used to identify them in the server.xml. Is there a list or some reference to figure out how to list just the ciphers that are not marked with **?
for example use:
ciphers="TLS_RSA_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA"/>
Try to not use ciphers which content:
all other ciphers that don't content this algorithm will be ok and secure.