We have multiple interfaces configured on our C695 appliances, only one of which has any kind of HTTPS enabled on it. However, all the interfaces which don't have HTTPS configured are set to use the Cisco default certificate, and the box to change this is greyed out (makes sense, since the interface isn't actually using ANY certificates).

However, this is causing the warning on login that the default cert is in use and should be changed. While we can suppress this warning, this has to be done on a per-user basis, and wastes admin time investigating what appears at first report to be a serious issue, only to discover that it's actually nothing. It also means that, should the default cert ACTUALLY be assigned to a live interface, admins are likely to have already suppressed the warning that would make them aware of it.

How can we fix this so that we either replace the default cert with a valid one, remove the default cert altogether, or assign a valid one to interfaces which don't use HTTPS?