The workaround for me is to resend the last request again by using the nonce that is been sent back in the failed attempt response.
I am using the ruby client and I have traced all the packets.
The nonce that is being used in the last phase is valid but get rejected but the second attempt using a new nonce works fine.
There is obviously a newly introduced bug on the server side.
Was there a recent code deploy to production in the past 3 days?