#Update New Way (Tested) - July 18 2018
Do this at you own risk!
1) downloaded portable version
https://www.bleepingcomputer.com/download/windows-repair-all-in-one/

2) extract zip

3) in system tray right click Windows defender and view security dashboard. Click virus and threat protection and turn off real-time protection

4) right click windows-repair and run as administrator

5) click jump to repairs

6) click preset permissions

7) it wants you to be in safe mode, I did NOT do this in safe mode but it would be a good idea.

8) start repairs and reboot.

--------------------------------------------------------------
#1 
Many solutions have been mentioned. I had tried out most of them like - forcing TLS v1.1 or above, checking the certificates, re-installing browsers, trying different browsers, etc. 
In my case, I used Wireshark as a debugger. Some of the packets were flagged as "segment not captured" -- all these had a length larger than the others. I narrowed to the MTU (Maximum Transmission Unit). 
Used cmd (in admin mode) to run the command "netsh interface ipv4 show subinterface". The interface MTU was 1400. A high MTU can cause fragmentation and could cause the SSL connection to fail. 
Set the MTU to 576 (the typical default for Internet) using the command "netsh interface ipv4 set subinterface "Local Area Connection" mtu=576 store=persistent". The SSL handshakes went through fine and the sites loaded ok. 
I tested with a higher MTU of 1300. That's the max value that I could get through my ISP. You could try this approach.