Thanks for your help, I used:
SSLSocketFactory factory = HttpsURLConnection.getDefaultSSLSocketFactory();
The factory I get back is a: com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
But this socket factory tries to connect using SSLv2Hello which is old and deprecated version of the SSL handshake because it had security problems. The other server will not accept SSLv2Hello.
Client exception (client runs in Glassfish): javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
Remote server exception: javax.net.ssl.SSLHandshakeException: SSLv2Hello is disabled
I suspect that the problem is really that my servlet runs inside of opensso. The opensso war file includes some older version of these SSL classes which then gets loaded and used in the call HttpsURLConnection.getDefaultSSLSocketFactory.
[Message sent by forum member 'suggarglider' (suggarglider)]
http://forums.java.net/jive/thread.jspa?messageID=321089