While there is no one right way to code, if you do not take some time beforehand to prepare, plan, and strategize? You likely will hit major roadblocks, large code restructuring needs, and lost time fixing more bugs because of it.
I know this is 8 months old, so I hope you got the help you needed. Normally whne you see SSL/TLS errors, it's certificate related.
Is this a secure cluster? If you've regenerated certs lately, update your CTL.
When you are encrypting your phones, signalling, etc you need to have CUCM be in a secure or mixed mode state. In 10 version, those USB keys are not required since Cisco allows you to have tokenless CTL.