When running vulnerability scans, Nessus reports that the SSL certificate cannot be trusted, has the wrong hostname, is using a self-signed certificate, and has an RSA key less than 2048 bits. This presents a mixture of 16 low and medium vulnerabilities on our Orion box that we have to investigate and report back to the government as to why we cannot remediate them. It would be fantastic if we could use the same certificate we use for the web console in IIS. At the very least, we need to replace the certificate with something that is generated by our enterprise certificate authority. Currently, we're having certificate issues with services bound to ports 5671, 17778, 17780, 17791 and 17799.
