Looks like our CAS servers are running SSL with weak Diffie-Hellman (DH) key exchange parameters and WP.com’s servers really don’t like that.
In case anyone comes across this in the future, check your CAS server’s SSL at:
https://www.ssllabs.com/ssltest/analyze.html
