Hey, Irvin. Do you control that AWS endpoint? We encountered an issue like this with a customer a while back, only the situation was reversed: the third party provider was switching off SSL v3 on the endpoint, and Salesforce had to get with the program. It is odd that one Salesforce Org would still be using SSL v3, as all instances were upgraded in June (I think) though. If you can, I’d try making a really simple callout from the Sandbox to the endpoint and see if you can even make the connection.

I don’t want to send you down a wild goose chase because the issue may be something else entirely, but I can say that this does sound familiar and the solution in that instance was get everything going on TLS. The only other thing that came to mind was the review the Remote Site Settings in the two orgs to see that they match.  

Hi J,

Thanks for the reply.

I have cross-checked the Remote Site settings - check.

No, I do not control the AWS endpoint.  It is a fee based service and I am just calling it within certain workflows e.g. click Skuid multiple-action button.

Thanks again,
Irvin

J, I verified that the service would not work with TLS 1.1.  Now I get to fight with the vendor.  Oh joy.

Joy indeed…