Unfortunately, there is not enough information in the text above to figure out what is wrong.
Here's an additional option so can generate detailed SSL debug output.
1) Using Windows Explorer (assuming you are running a Windows OS), navigate to LISA_HOME/bin
2) Locate the LISAWorkstation.EXE.
3) If there is a file called LISAWorkstation.vmoptions, open it with an editor (Notepad or Notepad++)
If there is not a file, create one and save it exactly as the 'LISAWorkstation' name appears and replace the '.exe' suffix with '.vmoptions'.
Add the following command on a line by itself
-Djavax.net.debug=all
The syntax is '-D' which means directive. You are activating the the built-in Java debugger for the system property javax.net.debug
If using Notepad, make sure that a .txt extension is not added by Notepad.
4) Save the file and check that it appears with exactly the same name as the Workstation.exe including UPPER and lower case letters.
You have now defined a VMOPTIONS file that can be used when the Workstation is started.
5) Shut down the Workstation.
6) Navigate to c:\users\<yourAcctId>\lisatmp_7.0.1 (this is where LISA places its log files. your folder name may be slightly different)
7) Locate the file called workstation.log and delete or rename it. (this is the log file that Workstation dumps output into)
Deleting this file will not cause harm. And, it will make it smaller when you open it in step 9, below.
8) Restart LISA Workstation so the directive activates, open your project, and execute your REST call one time
9) Navigate back to c:\users\<yourAcctId>\lisatmp_7... and open the workstation.log file.
The debug option will cause a lot of information to be dumped into the log. If you drop to the bottom of the file and work up from there you will see output similar to what you saw in the SSL Debug within Workstation. Hopefully, there will be more detailed information than you received in the SSL debug window inside workstation.
Now open this URL: Debugging SSL/TLS connections
Oracle has a document that identifies what is happening during the handshake between the client and the server. Oracle's example uses X509 certificates, but generally the handshake pattern holds true regardless of the SSL.
One thought is that the server may be expecting a stronger encryption algorithm than the Workstation Java JRE provides. You might need to install the Java crypto classes if the encryption is greater than what the JRE supports.
The other thought is that the REST call is not picking up your self-signed Certificate (the one provided by the admin in the CER file). When the CLIENT says HELLO to the server, it passes a list of the Cipher suites it can use. The SERVER says HELLO, it settles on a cipher suite that the two will use. The SERVER then passes its certificate chain to LISA (the Client).
What I would look for is that the CLIENT recognizes the chain. There may be a message like: 'Found Trusted Certificate' indicating that a match has been found between the Issuers and the Certificates. I would look at the Cert and see if it is the correct self-signed cert and not a generic cert issued by CA or Sun, etc.
I am hoping debug output might provide a better indication since Exception is a generic 'catch all' type of exception.
From here, you have two options. One option is to upload the workstation log -- which you probably cannot do since there could be customer information in the dump. The other option is to find a security admin within the customer organization that created the certificate to help you diagnose the output in your log file.
Sorry, wish I had been able to spot the exact issue. Joel