For an OCS 2007 R2 infrastructure configured for federation, running the Validation Wizard on your Standard or Enterprise edition Front-End server* and selecting “Validate Connectivity” may report back with a failure message similar to the one here:
[0xC3FC200D] One or more errors were detected
Global Federation Route edgehostname.swissitpro.ch
DNS Resolution succeeded: w.x.y.z
TLS connect failed due to incorrect remote subject name: w.x.y.z:5061 Error Code: 0x80090322 outgoing TLS negotiation failed; HRESULT=-2146893022
where w.x.y.z = internal NIC IPv4 address of Edge Server (edgehostname.swissitpro.ch)
This failure is caused by a certificate misconfiguration. Typically, an Edge Server is not part of the internal AD domain. As a standalone server, there is no FQDN per se for the Edge Server; only the hostname (or NetBIOS name if you will). Therefore, ensure that the Subject (CN) of the certificate that is assigned to the internal NIC matches the hostname of the machine. A single entry in the Subject Alternative Name (SAN) with the same information is also recommended.
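One way to check the Subject and SAN on the Edge Server before re-running the wizard. This is an added example, not part of the original post; the `$ExpectedName` parameter and its default of the local hostname are assumptions based on the guidance above.

```powershell
# Added example, not from the original post. Run on the Edge Server.
# Assumption: $ExpectedName is the name the certificate must carry; per the
# post this is the Edge Server's hostname, so it defaults to the local one.
param([string]$ExpectedName = $env:COMPUTERNAME)

Get-ChildItem Cert:\LocalMachine\My | ForEach-Object {
    $cert = $_

    # Subject CN as Windows reports it
    $cn = $cert.GetNameInfo('SimpleName', $false)

    # DNS entries from the SAN extension (OID 2.5.29.17), if there is one.
    # Format($true) prints one entry per line; the "DNS Name=" label is the
    # English-locale text and differs on localized Windows builds.
    $sanNames = @()
    $sanExt = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    if ($sanExt) {
        $sanNames = @($sanExt.Format($true) -split "`r?`n" | ForEach-Object {
            if ($_ -match '^\s*DNS Name=(.+)$') { $Matches[1].Trim() }
        })
    }

    # -eq and -contains compare case-insensitively, as name matching requires
    New-Object PSObject -Property @{
        Thumbprint = $cert.Thumbprint
        SubjectCN  = $cn
        SanDns     = ($sanNames -join ', ')
        CnMatches  = ($cn -eq $ExpectedName)
        SanMatches = ($sanNames -contains $ExpectedName)
        NotAfter   = $cert.NotAfter
    }
} | Select-Object Thumbprint, SubjectCN, SanDns, CnMatches, SanMatches, NotAfter |
    Format-Table -AutoSize
```

Compare the thumbprint of the certificate assigned to the internal interface against the output: a row with `CnMatches` set to False for that certificate is consistent with the "incorrect remote subject name" failure shown above.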
* forest node / server edition / server FQDN / Validation / Front End Server