I applied a new web server cert to the primary site to use an alternative name (fwc-sccm) rather than the FQDN. This is because the app catalog will not passthrough credentials with the fqdn.The new cert worked just fine for that, and everything else it seemed until we tried OSD. From the failed task sequence DNS is working just fine. the logs looks like:
<![LOG[CLibSMSMessageWinHttpTransport::Send: URL: FWC-SCCM.fws.example.com:443 GET /SMS_MP_AltAuth/.sms_aut?MPKEYINFORMATIONMEDIA]LOG]!><time="07:42:28.668+480" date="03-25-2015" component="TSMBootstrap" context=""
type="1" thread="800" file="libsmsmessaging.cpp:8604">
<![LOG[In SSL, but with no client cert]LOG]!><time="07:42:28.668+480" date="03-25-2015" component="TSMBootstrap" context="" type="1" thread="800" file="libsmsmessaging.cpp:8738">
<![LOG[[TSMESSAGING] AsyncCallback(): -----------------------------------------------------------------]LOG]!><time="07:42:28.824+480" date="03-25-2015" component="TSMBootstrap" context="" type="1"
thread="800" file="libsmsmessaging.cpp:609">
<![LOG[[TSMESSAGING] AsyncCallback(): WINHTTP_CALLBACK_STATUS_SECURE_FAILURE Encountered]LOG]!><time="07:42:28.824+480" date="03-25-2015" component="TSMBootstrap" context="" type="3" thread="800"
file="libsmsmessaging.cpp:610">
<![LOG[[TSMESSAGING] : dwStatusInformationLength is 4
]LOG]!><time="07:42:28.824+480" date="03-25-2015" component="TSMBootstrap" context="" type="3" thread="800" file="libsmsmessaging.cpp:611">
<![LOG[[TSMESSAGING] : *lpvStatusInformation is 0x10
]LOG]!><time="07:42:28.824+480" date="03-25-2015" component="TSMBootstrap" context="" type="3" thread="800" file="libsmsmessaging.cpp:612">
<![LOG[[TSMESSAGING] : WINHTTP_CALLBACK_STATUS_FLAG_CERT_CN_INVALID is set
]LOG]!><time="07:42:28.824+480" date="03-25-2015" component="TSMBootstrap" context="" type="3" thread="800" file="libsmsmessaging.cpp:632">
<![LOG[[TSMESSAGING] AsyncCallback(): -----------------------------------------------------------------]LOG]!><time="07:42:28.824+480" date="03-25-2015" component="TSMBootstrap" context="" type="3"
thread="800" file="libsmsmessaging.cpp:642">
<![LOG[Error. Received 0x80072f8f from WinHttpSendRequest.]LOG]!><time="07:42:28.824+480" date="03-25-2015" component="TSMBootstrap" context="" type="1" thread="800" file="libsmsmessaging.cpp:8870">
<![LOG[hr, HRESULT=80072f8f (e:\qfe\nts\sms\framework\osdmessaging\libsmsmessaging.cpp,8919)]LOG]!><time="07:42:28.824+480" date="03-25-2015" component="TSMBootstrap" context="" type="0" thread="800"
file="libsmsmessaging.cpp:8919">
<![LOG[sending with winhttp failed; 80072f8f]LOG]!><time="07:42:28.824+480" date="03-25-2015" component="TSMBootstrap" context="" type="3" thread="800" file="libsmsmessaging.cpp:8919">
<![LOG[m_pHttpTransport->Send (0, 0, pServerReply, nReplySize), HRESULT=80072f8f (e:\qfe\nts\sms\framework\osdmessaging\libsmsmessaging.cpp,5159)]LOG]!><time="07:42:28.824+480" date="03-25-2015" component="TSMBootstrap"
context="" type="0" thread="800" file="libsmsmessaging.cpp:5159">
<![LOG[MPKeyInformation.RequestMPKeyInformationForMedia(szTrustedRootKey), HRESULT=80072f8f (e:\qfe\nts\sms\framework\osdmessaging\libsmsmessaging.cpp,9410)]LOG]!><time="07:42:28.824+480" date="03-25-2015" component="TSMBootstrap"
context="" type="0" thread="800" file="libsmsmessaging.cpp:9410">
<![LOG[Failed to get information for MP: https://FWC-SCCM.fws.example.com. 80072f8f.]LOG]!><time="07:42:28.824+480" date="03-25-2015" component="TSMBootstrap" context="" type="3" thread="800"
file="tsmbootstraputil.cpp:1518">
<![LOG[sMP.length() > 0, HRESULT=80004005 (e:\qfe\nts\sms\client\tasksequence\tsmbootstrap\tsmbootstraputil.cpp,1526)]LOG]!><time="07:42:28.824+480" date="03-25-2015" component="TSMBootstrap" context=""
type="0" thread="800" file="tsmbootstraputil.cpp:1526">
<![LOG[TSMBootstrapUtil::SelectMP ( sSMSTSMP.c_str(), sMediaPfx.c_str(), sMediaGuid.c_str(), sAuthenticator.c_str(), sEnterpriseCert.c_str(), sServerCerts.c_str(), nHttpPort, nHttpsPort, bUseCRL, sSiteCode, sAssignedSiteCode, sMP, sCertificates, sX86UnknownMachineGUID,
sX64UnknownMachineGUID), HRESULT=80004005 (e:\qfe\nts\sms\client\tasksequence\tsmbootstrap\tsmediawizardcontrol.cpp,907)]LOG]!><time="07:42:28.824+480" date="03-25-2015" component="TSMBootstrap" context=""
type="0" thread="800" file="tsmediawizardcontrol.cpp:907">
<![LOG[Exiting TSMediaWizardControl::GetPolicy.]LOG]!><time="07:42:28.824+480" date="03-25-2015" component="TSMBootstrap" context="" type="0" thread="800" file="tsmediawizardcontrol.cpp:1420">
<![LOG[pWelcomePage->m_pTSMediaWizardControl->GetPolicy(), HRESULT=80004005 (e:\qfe\nts\sms\client\tasksequence\tsmbootstrap\tsmediawelcomepage.cpp,303)]LOG]!><time="07:42:28.824+480" date="03-25-2015" component="TSMBootstrap"
context="" type="0" thread="800" file="tsmediawelcomepage.cpp:303">
<![LOG[Setting wizard error: An error occurred while retrieving policy for this computer (0x80004005). For more information, contact your system administrator or helpdesk operator.]LOG]!><time="07:42:28.824+480" date="03-25-2015"
component="TSMBootstrap" context="" type="0" thread="884" file="tsmediawizardcontrol.cpp:1589">