Cipher strength issue with iplanet 6.0
807567 Jul 10 2008 — edited Jul 16 2008
Hi All,
I'm using iPlanet 6.0 (SP5) for SSL communication at the server side in my project. iPlanet 6.0 comes by default with 128-bit encryption. Recently, it was reported in an audit check that a browser with 56-bit strength was able to access the server URL. In server.xml, we have the below-mentioned ciphers enabled and disabled:
<CONNECTIONGROUP id="group1" matchingip="default" servername="cosl-ux4.cosl.in.citicorp.com" defaultvs="https-admserv">
<!--SSLPARAMS servercertnickname="Server-Cert" ssl2="off" ssl2ciphers="-rc4,-rc4export,-rc2,-rc2export,-des,-desede3" ssl3="off" ssl3tlsciphers="-fortezza,-fortezza_rc4_128_sha,+rsa_rc4_128_md5,-rsa_rc4_40_md5,+rsa_3des_sha,+rsa_des_sha,-rsa_rc2_40_md5,-fortezza_null,-fips_des_sha,+fips_3des_sha,-rsa_null_md5,-rsa_rc4_128_sha,-rsa_des_56_sha,-rsa_rc4_56_sha" tls="on" tlsrollback="off" clientauth="off"/-->
For your understanding, ssl2 is disabled and the following ssl3tlsciphers are enabled.
Those are:
+rsa_rc4_128_md5
+rsa_3des_sha
+rsa_des_sha
+fips_3des_sha
On accessing the URL https://xyz.com:10050, the certificate appears and the secure lock icon shows 128-bit encryption. On launching in Mozilla, the page info shows RC4 128-bit encryption.
But during the audit check, a browser with lower cipher strength (56-bit) was used and it was able to gain access to the iPlanet server. The message given in the page info of Mozilla was "Low-grade encryption(DES-CBC 56 bit)".
How can I restrict the 56-bit web browser from gaining access to the 128-bit iPlanet 6.0 web server?
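The following is an added example and not code from the post or from iPlanet itself: a small Python audit script that parses an ssl3tlsciphers attribute value of the form shown above, lists every enabled suite whose symmetric key size is below a chosen minimum, and emits a hardened attribute value with those suites turned off. The cipher-name to key-size table is my assumption, based on how the iPlanet/Sun ONE Web Server documentation names these suites (rsa_des_sha is single DES, i.e. the DES-CBC 56-bit the browser reported); verify it against your own server's documentation before relying on it.

```python
"""
Added example: audit an iPlanet 6.0 style ssl3tlsciphers attribute value and
report the enabled suites that fall below a minimum symmetric key size.
"""
import re

# ASSUMPTION: cipher name -> symmetric key bits, following the iPlanet/Sun ONE
# Web Server naming of the ssl3tlsciphers suites. Verify against your own docs.
CIPHER_BITS = {
    "rsa_rc4_128_md5": 128,
    "rsa_rc4_128_sha": 128,
    "rsa_3des_sha": 168,
    "fips_3des_sha": 168,
    "rsa_des_sha": 56,        # single DES: what a browser shows as DES-CBC 56 bit
    "fips_des_sha": 56,
    "rsa_des_56_sha": 56,     # export-grade 56-bit DES
    "rsa_rc4_56_sha": 56,     # export-grade 56-bit RC4
    "rsa_rc4_40_md5": 40,
    "rsa_rc2_40_md5": 40,
    "rsa_null_md5": 0,        # no encryption at all
    "fortezza_null": 0,
    "fortezza": 80,
    "fortezza_rc4_128_sha": 128,
}


def parse_cipher_list(value):
    """Parse '+name,-name,...' into an ordered dict of name -> enabled flag."""
    result = {}
    for token in value.split(","):
        token = token.strip()
        if not token:
            continue
        sign, name = token[0], token[1:]
        if sign not in "+-":
            raise ValueError(f"cipher token must start with + or -: {token!r}")
        result[name] = (sign == "+")
    return result


def weak_enabled_ciphers(value, min_bits=128):
    """Enabled suite names whose key size is below min_bits.

    A name missing from CIPHER_BITS is treated as weak, so an unknown suite
    is flagged rather than silently accepted.
    """
    enabled = [name for name, on in parse_cipher_list(value).items() if on]
    return [name for name in enabled if CIPHER_BITS.get(name, -1) < min_bits]


def harden_cipher_list(value, min_bits=128):
    """Return a new attribute value with every weak or unknown suite set to '-'."""
    parts = []
    for name, on in parse_cipher_list(value).items():
        keep = on and CIPHER_BITS.get(name, -1) >= min_bits
        parts.append(("+" if keep else "-") + name)
    return ",".join(parts)


def extract_ssl3tlsciphers(server_xml_text):
    """Pull the ssl3tlsciphers attribute value out of a server.xml fragment."""
    match = re.search(r'ssl3tlsciphers="([^"]*)"', server_xml_text)
    return match.group(1) if match else None


# Constructed sample: the attribute value exactly as quoted in the post above.
SAMPLE = (
    "-fortezza,-fortezza_rc4_128_sha,+rsa_rc4_128_md5,-rsa_rc4_40_md5,"
    "+rsa_3des_sha,+rsa_des_sha,-rsa_rc2_40_md5,-fortezza_null,-fips_des_sha,"
    "+fips_3des_sha,-rsa_null_md5,-rsa_rc4_128_sha,-rsa_des_56_sha,-rsa_rc4_56_sha"
)

if __name__ == "__main__":
    print("enabled below 128 bits:", weak_enabled_ciphers(SAMPLE))
    print("hardened value:", harden_cipher_list(SAMPLE))
```

Run against the value from the post, the script reports rsa_des_sha as the only enabled suite below 128 bits and produces an attribute value with it switched to "-". Note that extract_ssl3tlsciphers does not care whether the SSLPARAMS element it finds is inside an XML comment, so make sure the line you audit is the one the server actually loads.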