Currently it's not possible to use any verification the SSL cert used by Orion on the SWIS API port (tcp/17778) due to it being a self-signed SSL cert with a CN of SolarWinds-Orion on all of the pollers in the solution (see Enabling SSL Certificate Verification for the SDK). This means that verification of the SSL connection is not possible, even if you save a copy of the SSL cert given the CN mismatch.
It would be wonderful Orion Core was updated so that the certificate used on the SWIS API port (tcp/17778) would be valid so that verification SSL connection was possible, by each server having it's own fqdn as the CN instead of SolarWinds-Orion.
It would be even better if the self-signed Cert could be replacement with a CA signed cert. This would also fix the constant SSL Cert warnings that are seen in the SWQL Studio.