We received from our IT Security the warning that if you resolve the IP address of our CNAME entry in the DNS and call it via https we get a certificate error. Invalid certificate because common name domain does not match the IP. e.g.
The IT security claims that it is a security issue since OSCP stapling is possible.
How can I fix this?