Allow SSL cipher suites to be configured, preferably in the administration panel but at a minimum by editing the config.xml. Currently we are relying on the default cipher suites for jetty which includes some outdated ones that are considered insecure these days.

See configuring cipher suites

It looks like a change needs to be made in com.cenqua.fisheye.web.WebServer, where we set up the SslContextFactory. We need to call setIncludeCipherSuites to provide a list of cipher suites.