Unfortunately I think you are stuck with the Java Control Panel solution. The reason for this is that client and server must establish a mutually compatible cipher suite as part of the TLS handshake. In this case, your local Java Runtime Environment is the "client," and its cipher suite preferences are governed by the Control Panel. JNLP configuration cannot change this on the fly, and with good reason -- imagine the reverse situation, in which the client is forced to accept a lower-security cipher.
For example, let's say your server supports TLS 1.2 and TLS 1.1 (in that order of preference). If your client only supports TLS 1.0 and SSL v2 then there is no mutually agreeable cipher suite, and the handshake fails. The handshake only succeeds if your client supports TLS 1.1, TLS 1.2, or both. Note that order doesn't matter on the client, since the server wants to use the highest possible level of security that the client supports.