SSLDump

It looks like something wrong about clients key or client encryption settings. TCPDUMP might help!

Also check this article

ChangeCipherSpec (client)

During the client's ChangeCipherSpec phase, the client initializes the options that were negotiated by both parties. This phase marks the point when the parties change the secure channel parameters from using asymmetric (public key) to symmetric (shared key) encryption. A handshake failure during this phase may relate to SSL message corruption or issues with the SSL implementation itself. [Content copied from article]