Self-signed certificate: DNSName components must begin with a letter
问题 Is there a way for java's keytool to generate self-signed certificate with a wildcard in SAN (Subject Alternative Name)? I'm using this command to generate keystore: keytool -genkey -alias tomcat -storetype JKS -keyalg RSA -keysize 2048 -ext san=dns:*.example.com -keystore "path/to/my/keystore.jks" -validity 3650 But I get IOException: DNSName components must begin with a letter Obviously, the problem is *.example.com in SAN, but I don't see other way of generating self-signed certificate for