[Reposting my comment as the answer]
I have realized that SSL certificate for a public IP address is not that a good idea from the answers to the related question (linked to this question) by @MadHatter.
I have decided to use SSL cert bound to a domain name and use the hosts file for the dns resolution for the testing and demo purposes.
I have generated a self signed certificate using the command =>
keytool -genkey -keyalg RSA -alias selfsigned -keystore demo1keystore.jks -storepass mykeystore@789 -validity 360 -keysize 2048
To add to the trust store read by chrome => I have followed the instructions from this link
I have tested all this to understand what works in practice.
Tried with a
- Self signed certified bound to a domain name and tested SSL connectivity with Chrome and Firefox and a Jetty Server. Things worked fine.
- Self signed certified bound to a IP ADDRESS and tested SSL connectivity with Chrome and Firefox and a Jetty Server. The Chrome Browser failed to trust the certificate.
If anyone else has a different perspective about this, please reply as a comment. Accepting this as answer.