TLS outgoing connection failures. Over the past %1 minutes, Lync Server has experienced TLS outgoing connection failures ...

Lync Server 2010

TLS outgoing connection failures.

Over the past %1 minutes, Lync Server has experienced TLS outgoing connection failures %2 time(s). The error code of the last failure is %3 (%4) while trying to connect to the server "%5" at address [%6:%7], and the display name in the peer certificate is "%8".
Cause: Most often a problem with the peer certificate or perhaps the DNS A record used to reach the peer server. Target principal name is incorrect means that the peer certificate does not contain the name that the local server used to connect. Certificate root not trusted error means that the peer certificate was issued by a remote CA that is not trusted by the local machine.
Resolution:
Check that the address and port matches the FQDN used to connect, and that the peer certificate contains this FQDN somewhere in its subject or SAN fields. If the FQDN refers to a DNS load balanced pool then check that all addresses returned by DNS refer to a server in the same pool. For untrusted root errors, ensure that the remote CA certificate chain is installed locally. If you have already installed the remote CA certificate chain, then try rebooting the local machine.

TLS negotiation failed with a incoming connection from an unknown Gateway. Remote Endpoint: %1 Reason: %2 Cause: A Gateway ... TLS negotiation failed with a incoming connection on the Proxy side TLS endpoint. Remote Endpoint: %1 Reason: %2 Cause: The ... TLS negotiation failed with the Gateway. This event is throttled after 5 consecutive failed calls from a single Gateway peer. ... TLS negotiation failed with the Proxy Peer. This event is throttled after 5 consecutive failed calls. Proxy Peer FQDN: %1, ... TLS outgoing connection failures. Over the past %1 minutes, Lync Server has experienced TLS outgoing connection failures ... To change a user's pool, click Commit to save any changes that you made on this page or click Cancel, and then go back to ... To define prefixes or starting digits, add number prefixes that this route should handle, including the + if necessary. For ... To enable Kerberos authentication for the site, create a computer account in Active Directory with New-CsKerberosAccount, ... To generate a configuration file, run the Export-CsConfiguration cmdlet on a machine that has access to the Central Management ...