We updated tomcat-embed-core to mitigate a CVE and our compile failed as we were subclassing JSSEUtil and overriding getParameters to further configure the Cert Params. I have a pull request with a possible solution which does not involve making the the getParameters() method protected or public, but instead adds an interface object which can configure params after creation. Link to PR is here: https://github.com/apache/tomcat/pull/171
Since getParameters was protected (same for getCRLs), it should remain protected in 9.x and 8.5. The fix will be in 9.0.22 and 8.5.43.