By uncommenting the various 'print' messages in the script, and ultimately using the original script, unmodified, which allows interactive testing with any tcp port of one host at a time, I figured out a bit about why I was getting the erroneous 'No SSL' messages.
The full output when scanning an https dispatcher port on a J2EE server (v 7.01) returns:
Connecting...
Sending Client Hello...
Waiting for Server Hello...
... received message: type = 22, ver = 0302, length = 1782
Unexpected EOF receiving record header - server closed connection
Server closed connection without sending Server Hello.
In the dispatcher default trace a warning message appears:
Cannot get input and output streams from socket. Connection is not initialized.
[EXCEPTION]
java.io.EOFException: Connection closed by remote host.
at iaik.security.ssl.Utils.a(Unknown Source)
...
So, the dispatcher doesn't seem to handle the initialization handshake of the test script. That in itself is not an indication of vulnerability or lack thereof. However, it reinforces that J2EE is using the IAIK suite and not OpenSSL, which reinforces the statement Stephan highlighted currently found at the top of http://service.sap.com/securitynotes, in which SAP states they currently have no indication of being vulnerable in NetWeaver.
I'm going to assume we're ok until and unless we see otherwise in a message from SAP. Thanks everyone who weighed in on this discussion.
Best regards,
Matt