Monday, December 24, 2018

Enabling TLSv1.2 protocol with Server - SSL handshake client hello failure

What are we trying to do here?
Complete an SSL handshake with the server using TLSv1.2.

What happened?
The SSL handshake failed right after the client hello message was sent to the server.

What is expected?
After the client hello message is sent to the server, we expect the server to acknowledge it with a server hello, followed by the usual SSL handshake steps (refer to "Complete SSL Handshake Flow" below).

Java debug VM arguments:
To enable SSL logs only:
-Djavax.net.debug=ssl
To enable all JSSE debug logs:
-Djavax.net.debug=all

What is our analysis?
If you look at the client-side SSL handshake log below, the actual client hello is sent to the server as an SSLv2 client hello message (the SSLv2Hello compatibility format), which announces that the client supports up to TLSv1.2. A server that does not accept the SSLv2-format hello rejects it, and the handshake fails before the server hello.

Client SSL handshake logs:
WRITE: TLSv1.2 Handshake, length = 329
WRITE: SSLv2 client hello message, length = 359
How did we solve it?
We forced/limited our enabled-protocols list to TLSv1.2 while establishing the handshake with the server, so the client hello is sent as a plain TLSv1.2 record instead of the SSLv2 compatibility format.

// sslEngine is the SSLEngine instance (an SSLSocket has the same method)
sslEngine.setEnabledProtocols(new String[] {"TLSv1.2"});
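A fuller version of the fix as an added example (this is not the original post's code): it prints the enabled protocols before and after restricting a client-mode SSLEngine to TLSv1.2, and checks that the provider actually supports TLSv1.2 first. The hostname and port are placeholders.

```java
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import java.util.Arrays;

public class Tls12Only {

    // Restrict the engine to TLSv1.2 only, so the JDK no longer sends the
    // client hello wrapped as an "SSLv2 client hello message" (the record
    // seen in the debug log above). Returns the protocols now enabled.
    static String[] restrictToTls12(SSLEngine engine) {
        // Guard: only enable a protocol the provider actually supports.
        boolean supported = Arrays.asList(engine.getSupportedProtocols())
                                  .contains("TLSv1.2");
        if (!supported) {
            throw new IllegalStateException("TLSv1.2 not supported by this provider");
        }
        engine.setEnabledProtocols(new String[] {"TLSv1.2"});
        return engine.getEnabledProtocols();
    }

    public static void main(String[] args) throws Exception {
        SSLContext ctx = SSLContext.getInstance("TLSv1.2");
        ctx.init(null, null, null); // default key managers and trust store

        // Client-mode engine; peer host and port are placeholders (assumption).
        SSLEngine engine = ctx.createSSLEngine("server.example", 443);
        engine.setUseClientMode(true);

        // If "SSLv2Hello" shows up here, that is why the hello went out in
        // the SSLv2 format in the post's log.
        System.out.println("Enabled before: "
                + Arrays.toString(engine.getEnabledProtocols()));

        String[] after = restrictToTls12(engine);
        System.out.println("Enabled after:  " + Arrays.toString(after));

        // The same setEnabledProtocols call applies to an SSLSocket obtained
        // from ctx.getSocketFactory().createSocket(host, port).
    }
}
```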

Complete SSL Handshake Flow:
[Diagram: complete SSL handshake flow]