Required to be PCI, NIST or HIPAA compliant and wondering which cipher suites you need to use?
All of the ciphers listed are Forward Secrecy (FS) enabled and are highly recommended. They work with pretty much everything you are likely to run into at client sites. Not all of them are supported under Tomcat, but they are supported under Apache. If a cipher does not work for the product under Tomcat, it will just skip that cipher and go down the list until it finds one that does work for connections.
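As an added example (not from the original article or from NetIQ), the following Python script checks a configured cipher list for entries that lack forward secrecy, the property claimed above for every listed suite. The function names are hypothetical, and the sample lists are constructed for illustration; they are not the article's recommended lists.

```python
import re

# Key exchanges that provide forward secrecy (ephemeral Diffie-Hellman).
_FS_IANA = re.compile(r"^(TLS|SSL)_(ECDHE|DHE)_")   # JSSE/IANA names, as used by Tomcat
_FS_OPENSSL = re.compile(r"^(ECDHE|DHE|EDH)-")      # OpenSSL names, as used by Apache
_TLS13 = re.compile(r"^TLS_(AES|CHACHA20)_")        # TLS 1.3 suites are always ephemeral
_ANON = re.compile(r"_anon_|^ADH-|^AECDH-")         # ephemeral but unauthenticated
_EXPLICIT = re.compile(r"^[A-Z0-9]+([_-][A-Za-z0-9]+)+$")


def classify(entry):
    """Return 'fs', 'no-fs', 'anon' or 'alias' for one cipher-list entry."""
    s = entry.strip()
    if s.startswith(("!", "-", "+", "@")) or not _EXPLICIT.match(s):
        return "alias"  # OpenSSL keyword/operator (HIGH, !aNULL): expands at runtime
    if _ANON.search(s):
        return "anon"
    if _FS_IANA.match(s) or _FS_OPENSSL.match(s) or _TLS13.match(s):
        return "fs"
    return "no-fs"      # static RSA, static DH/ECDH, PSK, ...


def audit(cipher_list):
    """Split a comma-separated (Tomcat) or colon-separated (Apache) list and group it."""
    report = {"fs": [], "no-fs": [], "anon": [], "alias": []}
    for entry in re.split(r"[,:\s]+", cipher_list.strip()):
        if entry:
            report[classify(entry)].append(entry)
    return report


# Constructed sample lists (assumptions for this example only).
TOMCAT_SAMPLE = ("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,"
                 "TLS_DHE_RSA_WITH_AES_256_CBC_SHA,"
                 "TLS_RSA_WITH_AES_128_CBC_SHA,"
                 "TLS_DH_anon_WITH_AES_128_CBC_SHA")
APACHE_SAMPLE = "ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-SHA:AES128-SHA:HIGH:!aNULL"

if __name__ == "__main__":
    for label, sample in (("Tomcat", TOMCAT_SAMPLE), ("Apache", APACHE_SAMPLE)):
        report = audit(sample)
        print(label, "without FS:", report["no-fs"] + report["anon"])
        print(label, "aliases to expand before judging:", report["alias"])
```

The check covers forward secrecy only; it does not judge cipher strength, and alias entries have to be expanded by the TLS library in use before they can be assessed.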
For PCI use these
TLS 1.2 (suites in server-preferred order)
TLS 1.1 (suites in server-preferred order)
TLS 1.0 (suites in server-preferred order)
For NIST/HIPAA compliance add
Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment. It just worked for at least one person, and perhaps it will be useful for you too. Be sure to test in a non-production environment.