I got this level 3 issue in my internal scan. The issue appear testing my tomcat server right on the IP.
Trying to resolve this I found that I should that enable HTTPS only request on the Tomcat. I have done this using the COMODO certificate that I've already got on my website, but after done that qualys scan point a level 2 issue that the server's certificate does not match the URL, that makes sense once the certificate is a name and de URL is a IP.
There's any way to fix this making my tomcat server HTTPS or should I treat this one as a false positive as long the external scan don't got any king of issue on level 3 issue and the level 2 got a certificate that I can trust as long is mine?
Thanks in advance.