Adding missing SAN element in the certificate to resolve federated authentication flow failure

[LakshiAthapaththu]

Is your suggestion related to a missing or misleading document? Please describe.
As reported in #16181, Federated authentication fails between two tenants in a host name changed IS. This is due to that if the certificate used for SSL communication has a cert, the hostname is checked in the defined SANs and newly defined hostname is not added into the SAN.

If the is.dev.wso2.com also added as a SAN issue gets resolved. Hence the document should be changed to add the is.dev.wso2.comalso as a SAN in,

Add localhost as SAN for the certificate (-ext SAN=dns:localhost) as the internal hostname is by default localhost. For that, navigate to the <IS_HOME>/repository/resources/security directory on the command prompt and use the following command to create a new keystore with CN=is.dev.wso2.com and localhost as SAN

Describe the improvement
In https://is.docs.wso2.com/en/latest/deploy/change-the-hostname/#change-the-hostname options 1, the given command should be changed to add the is.dev.wso2.com as a SAN as below.

keytool -genkey -alias <alias_name> -keyalg RSA -keysize 2048 -keystore <keystore_name>.jks -dname "CN=, OU=<organizational_unit>,O=,L=,S=<State/province>,C=<country_code>" -storepass <keystore_password> -keypass <confirm_keystore_password> -ext SAN=dns:localhost,dns:is.dev.wso2.com

Related Issues:
#16181