Comment 2 for bug 1827229

After further thought and analysis about this issue, we have decided that adding a SAN for the floating IP address in the temporary self-signed certificate adds no value. The preferred approach is to remove the FQDN from the CN so that the client does not attempt to validate against the server's source IP or FQDN at all. The end user can then safely add a custom certificate over the TLS encrypted channel created with the self-signed certificate.

Please regenerate the temporary self-signed certificate so that the Subject attributes are StarlingX specific rather than Wind River specific (e.g., C/ST/L/O/OU/CN), and set the CN=StarlingX.