A new server could not be joined to a domain.
5.04.18 13:04:25.021 MODULE ( PROCESS ) : Konnte nicht mit dem DC Master ucs.domain.de verbinden: ('Could not send request.', SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581)'))
During domain join the new server connects to the master server via Apache/SSL.
The domain controller master got updated certificates recently (according to this SDB article). But the part
cp ucsCA/CAcert.pem /var/www/ucs-root-ca.crt was skipped so the new certificates where unknown to Apache.
Copying the certificates as mentioned and restarting Apache (
systemctl restart apache2) solved the issue and the new host was able to join the domain.