A fresh install of ISE uses a self-signed SHA-1 certificate. CSCuv88163 is a known enhancement on this. We may easily generate a self-signed SHA-2 certificate or a CSR and have an external PKI to sign and provide a SHA-2 certificate to replace the SHA-1 one.
