Help fixing X.509 Certificate Vulnerability

  • I am getting this message from a security scan and I am not sure how to identify which certificates are the problem. The scan tells me which hosts are the problem, but not the specific certs.

    There were 15 hosts with at least one of the X.509 certificates sent by the remote host that had a key that was shorter than 2048 bits. According to industry standards set by the Certification Authority/Browser (CA/B) Forum, certificates issued after January 1, 2014 must be at least 2048 bits.