So you've developed your awesome, passive 0-day exploit module in Metasploit. 100 out of 100 throws and every time it succeeds. Sweet! But wait a tick, what's this? Looking at the SSL handshake you find that Metasploit's auto-generated SSL certificate is less than optimal. What? Waddya mean adkljablkj1kljadsf.com is going to set off any red-flags to your un-suspecting victim?
Easy enough, let's just change the SSL cert that's being used with the server's handshake. While you'd think this is a straight-forward config value, turns out the implementation is a little round-about.
