"""
Android versions >= 4.1/4.2 and < 5.0 support TLS 1.1 and TLS 1.2, but these (newer and more secure) TLS versions are disabled, while only SSLv3 and TLSv1 stay enabled by default.
"""

Le développeur de davdroid a trouvé la parade: http://blog.dev001.net/post/67082904181/android-using-sni-and-tlsv1-2-with-apache-httpclient
en attendant: sur ttrss, owncloud, le client munin pour ne citer que ces 3 là: je me tape un
"""
javax.net.ssl.SSLException: SSL handshake aborted: ssl=0x1cc160: I/O error during system call, Connection reset by peer
"""

Je suis donc obligé d'activer TLSv1 niveau serveur..

C'est corrigé dans android 5: http://developer.android.com/about/versions/android-5.0-changes.html#ssl
"""
TLSv1.2 and TLSv1.1 protocols are now enabled,
AES-GCM (AEAD) cipher suites are now enabled,
MD5, 3DES, export, and static key ECDH cipher suites are now disabled,
Forward Secrecy cipher suites (ECDHE and DHE) are preferred.
"""

Origine de ma découverte: http://stackoverflow.com/questions/20741405/javax-net-ssl-sslexception-ssl-handshake-aborted-connection-reset-by-peer-while/20745624#20745624