Hi,
Just study the outputs of
sh ssl associate
sh ssl stat
The first one tells you whether the rsa keys and certs have been used by the proxy list. The second output will give a good indication if there is any mismatch between the handshakes and number of failures as well. Just my 02 cents.
If I am you I would try a packet capture. Most of the time what I found was issues related to negotiation of SSL ciphers suites.
thanks