When a Connection Server instance or security server is installed, the installer creates a registry setting with a value that contains the FQDN of the computer. You must verify that this value matches the server name part of the URL that security scanners use to reach the PSG port. The server name also must match the subject name or a subject alternate name (SAN) of the TLS certificate that you intend to use for the PSG.
For example, if a scanner connects to the PSG with the URL https://view.customer.com:4172, the registry setting must have the value view.customer.com. Note that the FQDN of the Connection Server or security server computer that is set during installation might not be the same as this external server name.
Procedure
What to do next
Import the CA-signed certificate into the Windows local computer certificate store and configure the certificate Friendly name.