This post is a continuation of Creating HTTPS SSL Self Signed certificate. SSL Certificates are created for one particular ‘cn’. This can be your domain name (www.example.com).
Certificate Validation Exception may occur when you try to access your host another way (for example using IP address instead of domain name or accessing it from localhost).
Java keytool has an extention: SAN (Subject alternative name), where you can specify all names that are acceptable by you (like ‘localhost’ or IP ‘127.0.0.1’). Both IP and DNS can be specified with the keytool additional argument:
so the full command is:
keytool -genkey -alias keyAlias -storetype PKCS12 -keyalg RSA -keysize 2048 -keystore myKeystore.p12 -validity 3650 -ext SAN=dns:abc.com,dns:localhost,ip:127.0.0.1
Did I help you?
I manage this blog and share my knowledge for free, sacrificing my time. If you appreciate it and find this information helpful, please consider making a donation in order to keep this page alive and improve quality