Interesting. What is happening here is the following:
1. The client tries to get a crypto provider that supports SSL_NULL_WITH_NULL_NULL.
2. If the NSS provider is not present, no provider responds to this request and the client requests TLS_RSA_WITH_AES_256_CBC_SHA instead.
3. If the NSS provider is present, instead of saying it doesn't support the algorithm it throws an exception which is carried up to the client.
Interesting. What is happening here is the following:
1. The client tries to get a crypto provider that supports SSL_NULL_WITH_NULL_NULL.WITH_AES_256_CBC_SHA instead.
2. If the NSS provider is not present, no provider responds to this request and the client requests TLS_RSA_
3. If the NSS provider is present, instead of saying it doesn't support the algorithm it throws an exception which is carried up to the client.
So the NSS provider is giving the wrong response.