keytool

Java: Loading self-signed, CA, and SAN certificates into a Java Keystore

The JRE comes preloaded with a set of trusted root authorities, but if you are working with self-signed certificates, or SAN server certificates that were signed using your own Certificate Authority then you are going to need to add these certificates to your trusted keystore. If your Java application attempts to communicate via TLS to Java: Loading self-signed, CA, and SAN certificates into a Java Keystore

Ubuntu: Creating a trusted CA and SAN certificate using OpenSSL

There are numerous articles I’ve written  where a certificate is a prerequisite for deploying a piece of infrastructure. This article will guide you through creating a trusted CA (Certificate Authority), and then using that to sign a server certificate that supports SAN (Subject Alternative Name).  Operationally, having your own trusted CA is advantageous over a Ubuntu: Creating a trusted CA and SAN certificate using OpenSSL