When the package server is testing HTTPS bindings it takes the first available HTTPS binding other than the Cloud Enabled Management HTTPS binding.
This becomes a problem if additional custom HTTPS bindings (port and certificate) are configured.
Symantec Management Platform 8.5 RU2
Symantec engineering has created a cumulative fix,
When no binding is created by Package Server but an existing binding/port is specified in the (Global) Site Server settings policy, Package Server now prefers the binding specified in the policy, instead of grabbing the first found.
SMP and SMA Post 8.5 Ru2 V9 cumulative fix: INFO5407