Running ePO console version 5.9.1. Had to run a Splunk report against a Remote Agent Handler. It shows numerous SSL issues: Weak Hash Algorithm, SSL version 2 and 3, SSL cert with wrong hostname, SMB signing not required, SSL Cert cannot be trusted and TLS Protocol CRIME Vulnerability. How do I clear up these and other SSL cert issues?
The ePO engineering team has researched the findings and concluded that ePO is not vulnerable to the reported findings because ports 8444 and 443 are not meant for browsing using a browser. They are accessed from the McAfee Agent (MA), Agent Handler (AH), or other ePO internal services, and the certificate trust is built on OrionCA, which is generated per ePO install.
Regarding the warnings, the exception noted for QID 38173 applies:
The ePO server and Agent Handler components communicate only with a restricted set of clients who have the trusted certificate chain. The CA certificate is not available publicly and cannot be verified remotely.
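The trust argument in the reply above can be reproduced offline. The following is an added example, not part of the original thread and not McAfee code: a throwaway CA stands in for the per-install OrionCA, every subject name and file name is constructed, and the `openssl` CLI with its default configuration is assumed to be installed.

```shell
#!/bin/sh
# Constructed demo: why a remote scanner reports "certificate cannot be
# trusted" for a certificate issued by a private, per-install CA, while a
# client that holds that CA certificate validates the same certificate.
set -eu

make_demo_pki() {
  # $1 = working directory. Creates ca.pem (private CA) and leaf.pem
  # (server certificate signed by it). Names are constructed placeholders.
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=Demo Private CA" \
    -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null
  openssl req -newkey rsa:2048 -nodes \
    -subj "/CN=ah.example.internal" \
    -keyout "$1/leaf.key" -out "$1/leaf.csr" 2>/dev/null
  openssl x509 -req -in "$1/leaf.csr" -CA "$1/ca.pem" -CAkey "$1/ca.key" \
    -CAcreateserial -days 1 -out "$1/leaf.pem" 2>/dev/null
}

scanner_view() {
  # A scanner only has the default (public) trust store, so the issuer of
  # leaf.pem cannot be found and chain building fails.
  if openssl verify "$1/leaf.pem" >/dev/null 2>&1; then
    echo trusted
  else
    echo untrusted
  fi
}

agent_view() {
  # A provisioned client was given the private CA certificate at install
  # time and uses it as its trust anchor.
  if openssl verify -CAfile "$1/ca.pem" "$1/leaf.pem" >/dev/null 2>&1; then
    echo trusted
  else
    echo untrusted
  fi
}

demo_dir=$(mktemp -d)
make_demo_pki "$demo_dir"
echo "scanner, public roots only:    $(scanner_view "$demo_dir")"
echo "client holding the private CA: $(agent_view "$demo_dir")"
rm -rf "$demo_dir"
```

This covers only the "cannot be trusted" finding; protocol-version, hash-algorithm and SMB findings are separate checks that chain validation does not address.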