Step 3 (NOTE): What IPs are to be placed here - "san @IP_address --san IP_address"?

Hi,

I have an Ubuntu Server 20.04 for Minecraft (no GUI). I connect to it via PowerShell and my Linux laptop with the server’s private IP. I would like a little extra security by spoofing or hiding the IP address of my server. I am a bit nervous to test this out as I am brand new to Linux.

A VPN service recommended this tutorial for what I am trying to accomplish.

I get stumped on step 3, particularly the “Note” (–dn “CN=IP address” --san @IP_address --san IP_address ).

First, I run this:

pki --gen --type rsa --size 4096 --outform pem > ~/pki/private/server-key.pem

Then, I run this but change one line:

pki --pub --in ~/pki/private/server-key.pem --type rsa
| pki --issue --lifetime 1825
–cacert ~/pki/cacerts/ca-cert.pem
–cakey ~/pki/private/ca-key.pem
–dn “CN=server_domain_or_IP” --san server_domain_or_IP
–flag serverAuth --flag ikeIntermediate --outform pem
> ~/pki/certs/server-cert.pem

The line I will replace is “–dn[…]”. Since I am using an IP instead of DNS, I would need to place my device’s private IP here - “CN=IP address” - but I am not sure what the other two san ones are for? Are they random IPs or is it just my device’s IP two more times?

My other questions:

1. Will I be able to use this VPN and find my server on Minecraft Java?
2. Will it slow down the connection?
3. I set the UFW rate limit rule to open the 25565/TCP port.
4. Will I be able to connect to my server from one of my approved (publickey) devices?

Thanks and regards, Josh