...
Disable 40 and 56 bit ciphers
You probably want to disable the very weak ciphers, i.e. the By default, also 40 and 56 bit ones. You ciphers are supported - you probably want to disable these. To do so you have to explicitly configure thisthe allowed ciphers: take the previous list, include the 256 bit ciphers, leave out the 40 and 56 bit ones, then put the official names (not the OpenSSL equivalent) of the remaining ciphers in your HTTPS config (in my case at the bottom of server.xml). This will look like this:
...