We have deployed Octopus tentacles on several servers. Each of them have installed a certificate with Octopus Tentacle as a “hostname” . This triggers a vulnerability “SSL Certificate with Wrong Hostname”, since the device has a hostname and the certificate installed due to Octopus is another different. Would you advise on how can we proceed?
First and foremost, welcome to the Octopus forums!
Thanks for reaching out.
I think what you may be running into here is your scanner is picking up the fact that we use self-signed certificates. In this case, are you able to create your own certificates so your vulnerability scanner doesn’t hit on our self-signed ones?