SAP CAL SSL certificate expired in JAVA AS (S4X),

Application is on neweaver/JAVA AS. After SSL expiry, the port is Not Active. We get handshake error(Peer certificate untrusted) if we do RFC H connection test to XSA_FSQUO

1. If we create a csr request in this, we still can't proceed to get SSL from a CA as this FQDN is on local hosts file and we can't verify ownership.
2. What is the process to create a self signed certificate in case of JAVA netweaver.