Interesting. What is happening here is the following:
1. The client tries to get a crypto provider that supports SSL_NULL_WITH_NULL_NULL.
2. If the NSS provider is not present, no provider responds to this request and the client requests TLS_RSA_WITH_AES_256_CBC_SHA instead.
3. If the NSS provider is present, instead of saying it doesn't support the algorithm it throws an exception which is carried up to the client.
Interesting. What is happening here is the following:
1. The client tries to get a crypto provider that supports SSL_NULL_ WITH_NULL_ NULL. WITH_AES_ 256_CBC_ SHA instead.
2. If the NSS provider is not present, no provider responds to this request and the client requests TLS_RSA_
3. If the NSS provider is present, instead of saying it doesn't support the algorithm it throws an exception which is carried up to the client.
So the NSS provider is giving the wrong response.