Re: Failed to deploy diego 0.1452.0 on openstack: database_z2/0 is not running after update
We deconstructed the certs you provided in your manifest and think that you may have missed a step when you generated your peer ssl cert. Your peer cert is missing the DNS wildcard entry '*.etcd.service.cf.internal`, it will show up like this if you deconstruct your cert
X509v3 Subject Alternative Name:
If you regenerate your peer ssl cert with:
$ certstrap --depot-path peer request-cert --common-name "etcd.service.cf.internal" --domain "*.etcd.service.cf.internal,etcd.service.cf.internal"
It is detailed in https://github.com/cloudfoundry-incubator/diego-release#generating-tls-certificates step #8.
That should fix the ssl error you're experiencing.