Using WAS 8.5.5. on IBM JVM 1.8_181 with 21.4 Java agent.
This is failing to connect to the Cloud Proxy (via LBAS load balancer) due to a cipher issue
9/09/21 05:16:28 AM BST [VERBOSE] [IntroscopeAgent.ConnectionThread] Attempting to connect to Introscope Enterprise Manager dx-apm-proxy-mydomian.net:443,com.wily.isengard.postofficehub.link.net.HttpsTunnelingSocketFactory (4).
9/09/21 05:16:28 AM BST [WARN] [IntroscopeAgent.CommonsHttpTunnelingClient] connectBinary failed to perform SSL handshake: Received fatal alert: handshake_failure
When using a 21.6 agent it works - what is different about 21.6 and can the change be adapted for 21.4
21.4 agent lists the ciphers supported and then sets
9/09/21 05:15:57 AM BST [INFO] [IntroscopeAgent.Agent] Setting SSL socket ciphers to: [SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256]
however this cipher is not supported by the intermediate load balancer
21.6 agent instead sets
9/10/21 01:24:21 PM BST [INFO] [IntroscopeAgent.Agent] Setting SSL socket ciphers to: 
Release : 21.4
Component : Agent
Forcing the agent to use a specific cipher supported by both agent JVM and the remote endpoint via an agent property addressed the problem
setting agentManager.cipherSuites.1= did not help with 21.4 agent even though 21.6 was effectively doing this