gtm_add failing due to CERT error

Hi , 
First: 

Make sure that TCP ports 22 and 4353 are open between the BIG-IP GTM systems prior to running the gtm_add script.

Try to Renew device certificate on your Bigips:  https://my.f5.com/manage/s/article/K6353

Hi,

TCP port 22 is open and we are using certificates signed by our Internal CA and these are working fine via the browser.

I also got the feeling this error happens before even an attempt is made to connect to the other device.

I am running v17.1.1.3

https://techdocs.f5.com/en-us/bigip-16-0-0/big-ip-dns-implementations/adding-a-new-big-ip-dns-to-a-big-ip-dns-synchronization-group.html#GUID-BEB250C1-7019-4CF5-BD4A-E44A17D5B42D

Running the gtm_add script

Before you start this task, you must determine the self IP address of a DNS system in the BIG-IP DNS synchronization group to which you want to add another BIG-IP DNS.

You run the 

gtm_add

 script on the BIG-IP DNS system you are adding to your network to acquire the configuration settings from a BIG-IP DNS system that is already installed on your network. For additional information about running the script, see SOL13312 on AskF5.com (

www.askf5.com

).

The BIG-IP DNS and other BIG-IP systems must have TCP port 

22

 open between the systems for the script to work. You must perform this task from the command-line interface.