Some SSL Client Certificates failing handshake

What was expected:
SSL Client Certificate based connections worked fine with previous release of JRE: 1.8.0_265-8u265-b01-0ubuntu2~18.04-b01

What happened:
When attempting to use a client certificate to establish a connection with the latest Java 8 JRE, some connections fail with specific client certificates; however others work. There was no change to SSL related code and previous JAR versions on updated bionic containers started failing after the latest USN-4607-2 fix from 12/Nov/2020.

Now the following issue occurs:
javax.net.ssl.SSLProtocolException: Received fatal alert: unexpected_message
at sun.security.ssl.Alert.createSSLException(Alert.java:129)
at sun.security.ssl.Alert.createSSLException(Alert.java:117)
at sun.security.ssl.TransportContext.fatal(TransportContext.java:311)
at sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:293)
at sun.security.ssl.TransportContext.dispatch(TransportContext.java:185)
at sun.security.ssl.SSLTransport.decode(SSLTransport.java:149)
at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1146)
at sun.security.ssl.SSLSocketImpl.readApplicationRecord(SSLSocketImpl.java:1116)
at sun.security.ssl.SSLSocketImpl.access$200(SSLSocketImpl.java:72)
at sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:815)

Previous working version: 1.8.0_265-8u265-b01-0ubuntu2~18.04-b01
Non-working version: 1.8.0_275-8u275-b01-0ubuntu1~18.04-b01

2 client certificates for 2 different API providers are in use; both certificates are RSA 2048bit based; however the working certificate is signed RSA+SHA1; while the non working certificate is RSA+SHA256 - that appears to be the only visual difference.

Manual inspection of a packet trace shows no unexpected issues across the handshake, all required ciphers match and TLSv1.2 is in use. 'openssl s_client' with both client certificates works fine to establish the connection; the issue appears to be JDK/JRE based.

I'm not sure looking at the diffs of the exact changes related to the first point raised in:
https://ubuntu.com/security/notices/USN-4607-2

"USN-4607-1 fixed vulnerabilities and added features in OpenJDK.
Unfortunately, that update introduced a regression that could cause TLS
connections with client certificate authentication to fail in some
situations. This update fixes the problem."

It appears there is a potentially a particular corner case of a regression that still remains?

Happy to provide additional information as required.

# lsb_release -rd
Description: Ubuntu 18.04.4 LTS
Release: 18.04

# apt-cache policy openjdk-8-jre-headless
openjdk-8-jre-headless:
  Installed: 8u275-b01-0ubuntu1~18.04
  Candidate: 8u275-b01-0ubuntu1~18.04
  Version table:
 *** 8u275-b01-0ubuntu1~18.04 500
        500 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 Packages
        500 http://security.ubuntu.com/ubuntu bionic-security/universe amd64 Packages
        100 /var/lib/dpkg/status
     8u162-b12-1 500
        500 http://archive.ubuntu.com/ubuntu bionic/universe amd64 Packages