Resolution:
For security policies debug logging:

    1). Create a new file, say log4j.properties, and add the following:

        log4j.logger.com.tibco.governance=TRACE, fa
        log4j.logger.com.tibco.amx.governance=TRACE, fa
        log4j.logger.com.tibco.asg.per=TRACE, fa
        log4j.logger.com.tibco.trinity=TRACE, fa
        log4j.logger.com.tibco.amx.ra=TRACE, fa
        log4j.appender.fa=org.apache.log4j.FileAppender
        log4j.appender.fa.File=debug.log
        log4j.appender.fa.layout=org.apache.log4j.PatternLayout
        log4j.appender.fa.layout.ConversionPattern=%d{yyyy MMM dd HH:mm:ss:SSS} %-5p: %m%n

    2). Append -Dlog4j.configuration=file:///<path to above file> to java.extended.properties in the asg-engine.tra file.

   
For SSL handshake debug logging (southbound invocation):

    1). Add java.property.javax.net.debug=ssl to asg-engine.tra

    2). In asg_core.cdd, under <log-configs>/<terminal> replace

            <enabled/>
            <sys-out-redirect/>
            <sys-err-redirect/>

        with

            <enabled>false</enabled>
            <sys-out-redirect>false</sys-out-redirect>
            <sys-err-redirect>false</sys-err-redirect>