I am facing this issue wherein after upgrading from quickfix-core jar from version 1.6.2 to 1.6.3 I started getting this exception.

Upon checking the debug level logs of application found following exception:
javax.net.ssl.SSLException: Inbound closed before receiving peer's close_notify: possible truncation attack?
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)
at sun.security.ssl.SSLEngineImpl.closeInbound(SSLEngineImpl.java:1561)
at org.apache.mina.filter.ssl.SslHandler.destroy(SslHandler.java:213)
at org.apache.mina.filter.ssl.SslFilter.sessionClosed(SslFilter.java:473)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextSessionClosed(DefaultIoFilterChain.java:504)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.access$900(DefaultIoFilterChain.java:48)
at org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.sessionClosed(DefaultIoFilterChain.java:927)
at org.apache.mina.core.filterchain.IoFilterAdapter.sessionClosed(IoFilterAdapter.java:88)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextSessionClosed(DefaultIoFilterChain.java:504)
at org.apache.mina.core.filterchain.DefaultIoFilterChain.fireSessionClosed(DefaultIoFilterChain.java:497)
at org.apache.mina.core.service.IoServiceListenerSupport.fireSessionDestroyed(IoServiceListenerSupport.java:245)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.removeNow(AbstractPollingIoProcessor.java:587)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.removeSessions(AbstractPollingIoProcessor.java:544)
at org.apache.mina.core.polling.AbstractPollingIoProcessor.access$800(AbstractPollingIoProcessor.java:68)
at org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1128)
at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)

Just to add, we are using FIX.4.4 without any CA certification / jks file.

Heamant,
Just check the debug level logs of SSL and see which version client is trying to use to communicate to server.

It is possible that client is using some lower version (like SSLv2) and server supports higher versions (like TLSv1.2). In this case server will reject the connection and handshake will fail.

To enable SSL logging give following argument while starting your application -Djavax.net.debug=ssl. It will pring all SSL logs in STDOUT.

Just check your logs to see what version client is using while sending handshake call to server.

If you find that what i am saying is true then use EnabledProtocols=<VersionThatServerSupports> attribute in your fix setting.
For Example: EnabledProtocols=TLSv1.2

This property will make sure that your client is using the specified version for handshake.

Is this now solved? However, this belongs onto the mailing list. I doubt that this is a bug since many people are using SSL with Java 8.
Closing.