We are facing intermittent failures in the certificate handshake with the error message:
CertificateException: Server cert 'cn=*.someserver.net' found but not trusted for SSL.
Caused by: Server cert 'cn=*.someserver.net' found but not trusted for SSL.
We verified that everything looks good in terms of configuration, and in fact 90% of the calls succeed; still, we are getting 10% failures across all the servers on two different clusters while connecting to the same backend.
Release : 10.0
Trust is based on more than the name: it is based on the SHA thumbprint of the certificate returned. The CN was the same on every host in the pool of back-ends, but the thumbprint differed depending on which host the call was hitting.
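One way to confirm this condition is to hash the leaf certificate each pool member presents and compare it with the trusted thumbprints. This is an added example, not code from the original article or the product; the function names, the use of DNS to enumerate pool members, and SHA-256 as the default digest are assumptions.

```python
import hashlib
import socket
import ssl
from collections import defaultdict

def thumbprint(der, algo="sha256"):
    """Hex digest of the DER-encoded certificate (the value a thumbprint-based trust check compares)."""
    return hashlib.new(algo, der).hexdigest().upper()

def pool_addresses(hostname, port=443):
    """Every address the backend name resolves to (assumes one DNS record per pool member)."""
    infos = socket.getaddrinfo(hostname, port, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def fetch_leaf_der(address, port, sni, timeout=5.0):
    """Fetch the certificate one specific pool member presents.
    Verification is disabled because this only inspects the certificate; no data is sent."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((address, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=sni) as tls:
            return tls.getpeercert(binary_form=True)

def group_by_thumbprint(certs, algo="sha256"):
    """Map thumbprint -> pool members presenting it; more than one key means the pool is inconsistent."""
    groups = defaultdict(list)
    for address, der in sorted(certs.items()):
        groups[thumbprint(der, algo)].append(address)
    return dict(groups)

def untrusted_members(certs, trusted, algo="sha256"):
    """Pool members whose thumbprint is not in the trusted set (accepts 'AA:BB' or 'aabb' forms)."""
    wanted = {t.replace(":", "").upper() for t in trusted}
    return sorted(a for a, der in certs.items() if thumbprint(der, algo) not in wanted)

if __name__ == "__main__":
    # Constructed stand-ins for DER certificates so the demo runs offline.
    # Live use: certs = {a: fetch_leaf_der(a, 443, "backend.example")
    #                    for a in pool_addresses("backend.example")}
    certs = {"192.0.2.10": b"constructed-cert-A",
             "192.0.2.11": b"constructed-cert-A",
             "192.0.2.12": b"constructed-cert-B"}
    trusted = {thumbprint(b"constructed-cert-A")}
    for tp, members in group_by_thumbprint(certs).items():
        print(tp[:16] + "...", members)
    print("not trusted:", untrusted_members(certs, trusted))
```

If the pool sits behind a single virtual IP, DNS will not list the members; in that case, call `fetch_leaf_der` against each member's own address, or repeatedly against the virtual IP, and group the results the same way.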