FOPE DST failing with Could not establish trust relationship for the SSL/TLS secure channel - TechNet Articles - United States (English) - TechNet Wiki

If you receive that error on the DST screen and you see the following error in the event log on the system

Event Source: Directory Synchronization Tool
Event Category: None
Event ID: 1302
Date:  9/14/2010
Time:  2:05:22 PM
User:  N/A
Computer: MACHINENAME
Description:
Sync web service reports that an internal error occurred while processing a request. This might be due to a service issue. Please contact technical support.

Extended Properties:
Exception: System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Error Type: ConfigurationError

Timestamp: 9/14/2010 7:05:22 PM (UTC)
Process Name: C:\Program Files\Microsoft Directory Synchronization Tool\Microsoft.Ehs.DirSync.Dst.exe
Category: General
Priority: 5
Machine: MACHINENAME
Application Domain: Microsoft.Ehs.DirSync.Dst.exe
Process Id: 1200
Win32 Thread Id: 3384
Thread Name:

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

This may be due to an issue with Proxied Internet access.  If you are not using a proxy config for the DST but instead bypassing this you need to ensure that access to the following URL's is allowed from the system running the DST.

http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/*
http://www.microsoft.com/pki/mscorp/*

This is due to some CRL checking that takes place for the SSL/TLS underlying connection.  If those URL's cannot be reached the TLS connection will not succeed.