Machine A could not make a https connection to Machine B. I first used telnet to confirm a tcp connection could be made: telnet MachineB 443
This worked. So, I concluded that the network between them was set up fine. It turned out, that I was wrong, and actually Machine A had a route to Machine B, but Machine B did not have a Route back to Machine A.
Why did telnet succeed from A to B if there was no route for B to get back to A?
netstat -n -t
while connected (or even fire up tcpdump) to find out for sure.