Got a certificate error when i tried starting the response group service today.
The provided certificate is not valid.
There was a problem validating certificate: Identity check failed for outgoing message. The expected DNS identity of the remote endpoint was ‘<poolname fqdn>’ but the remote endpoint provided DNS claim ‘<fqdn in a sip domain>’. If this is a legitimate remote endpoint, you can fix the problem by explicitly specifying DNS identity ‘<fqdn in a sip domain>’ as the Identity property of EndpointAddress when creating channel proxy.
Turns out that the last SAN in the certificate needs to be the same as the CN in the certificate, which should be your pool FQDN. The service will fail if it isnt.