diff --git a/Makefile b/Makefile
index e9240cef5f3d610e70cf904a35278b406643dc51..bf35d13c5ade171e95c2ec565983eb63c9268064 100644
--- a/Makefile
+++ b/Makefile
@@ -130,7 +130,7 @@ generate-gokms-certs: generate-root-ca
 	./config/goKMS/generate-kms-certs.sh
 
 generate-integration-test-certs: generate-root-ca
-	./integration-tests/config/kms/generate-certs.sh
+	./integration-tests/config/tlsConfigs/generate-certs.sh
 
 # other targets
 cross:
diff --git a/integration-tests/code/getKSAKeyTest/getKSA_key_test.go b/integration-tests/code/getKSAKeyTest/getKSA_key_test.go
index 8fcc70042d87d4cdaf3fb3fbf01d238f3e95f8f4..a1b9c137ae15a22d7216983f6cc6135d40f2bcc7 100644
--- a/integration-tests/code/getKSAKeyTest/getKSA_key_test.go
+++ b/integration-tests/code/getKSAKeyTest/getKSA_key_test.go
@@ -79,6 +79,13 @@ func TestGetKSAKey(t *testing.T) { //nolint:gocyclo
 		logFileURL2 = logFileURL_ENV2
 	}
 
+	tlsConfig := config.TLSConfig{
+		Active:   true,
+		CAFile:   "../../../artifacts/integration-tests/ssl/ca.crt",
+		CertFile: "../../../artifacts/integration-tests/ssl/integration_test.crt",
+		KeyFile:  "../../../artifacts/integration-tests/ssl/integration_test.key",
+	}
+
 	// Tell the qkdn-controller what devices to use.
 	_, err := utils.RunGosdncScript(gosdncScript, controllerURL)
 	if err != nil {
@@ -89,13 +96,6 @@ func TestGetKSAKey(t *testing.T) { //nolint:gocyclo
 
 	requestId := uuid.New().String()
 
-	tlsConfig := config.TLSConfig{
-		Active:   true,
-		CAFile:   "../../../artifacts/integration-tests/ssl/ca.crt",
-		CertFile: "../../../artifacts/integration-tests/ssl/kms/kms2-selfsigned.crt",
-		KeyFile:  "../../../artifacts/integration-tests/ssl/kms/kms2-selfsigned.key",
-	}
-
 	url := fmt.Sprintf("https://%s/api/v1/keys/ksa_key_req", kms1AkmsURL)
 	data := RequestData{
 		ReceivingCKMSID: "5e41c291-6121-4335-84f6-41e04b8bdaa2",
@@ -161,13 +161,6 @@ func TestGetKSAKey(t *testing.T) { //nolint:gocyclo
 	assert.NotNil(t, logFile.Body.KSAKeys[0].KeyID)
 	assert.NotNil(t, logFile.Body.KSAKeys[0].Key)
 
-	tlsConfig = config.TLSConfig{
-		Active:   true,
-		CAFile:   "../../../artifacts/integration-tests/ssl/ca.crt",
-		CertFile: "../../../artifacts/integration-tests/ssl/kms/kms1-selfsigned.crt",
-		KeyFile:  "../../../artifacts/integration-tests/ssl/kms/kms1-selfsigned.key",
-	}
-
 	tlsConf, err = kmstls.GenerateTLSLibraryConfig(tlsConfig)
 	if err != nil {
 		t.Errorf("Error generating TLS config: %s", err)
diff --git a/integration-tests/config/kms/generate-certs.sh b/integration-tests/config/kms/generate-certs.sh
deleted file mode 100755
index 95a98b3381f7f0a00a8155ea98fc79702f7a45f1..0000000000000000000000000000000000000000
--- a/integration-tests/config/kms/generate-certs.sh
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/sh
-mkdir -p artifacts/integration-tests/ssl
-dirPath="artifacts/integration-tests/ssl"
-caPath="artifacts/ssl"
-
-if [ ! -d "${dirPath}/kms" ]; then
-        mkdir $dirPath/kms
-        counter=1
-		for FILE in ./integration-tests/config/kms/tlsConfigs/*.txt;
-            	do	openssl req -x509 -nodes -days 365 -newkey rsa:4096 -config $FILE \
-		        -CA $caPath/ca.crt -CAkey $caPath/ca.key \
-		        -keyout "$dirPath/kms/kms$counter-selfsigned.key" -out "$dirPath/kms/kms$counter-selfsigned.crt"; \
-                openssl x509 -in "$dirPath/kms/kms$counter-selfsigned.crt" -noout -text
-                counter=$((counter+1));
-        done
-	fi
-
-cp $caPath/ca.crt $dirPath/ca.crt
-cp $caPath/ca.key $dirPath/ca.key
diff --git a/integration-tests/config/kms/kms_1.yaml b/integration-tests/config/kms/kms_1.yaml
index d57612d8a7cf522b667eda153a523cd9a7dd9336..ae3efacead9b12f4fd61bfcd7b18fc9fd060f153 100644
--- a/integration-tests/config/kms/kms_1.yaml
+++ b/integration-tests/config/kms/kms_1.yaml
@@ -7,14 +7,14 @@ AkmsCkmsServerPort: "9696"
 AkmsCkmsTLS:
   Active: true
   CAFile: "config/ssl/ca.crt"
-  CertFile: "config/ssl/kms/kms1-selfsigned.crt"
-  KeyFile: "config/ssl/kms/kms1-selfsigned.key"
+  CertFile: "config/ssl/kms1.crt"
+  KeyFile: "config/ssl/kms1.key"
 GRPCTimeoutInSeconds: 600
 KmsTLS:
   Active: false
   CAFile: "config/ssl/ca.crt"
-  CertFile: "config/ssl/kms/kms1-selfsigned.crt"
-  KeyFile: "config/ssl/kms/kms1-selfsigned.key"
+  CertFile: "config/ssl/kms1.crt"
+  KeyFile: "config/ssl/kms1.key"
 Peers:
   # peer to kms02
   - PeerId: "5e41c291-6121-4335-84f6-41e04b8bdaa2"
diff --git a/integration-tests/config/kms/kms_2.yaml b/integration-tests/config/kms/kms_2.yaml
index 6bdbd36540b785cbfab777086f364b4b72426ac2..4fdae65ac567529ec0347462b16b080aabc09719 100644
--- a/integration-tests/config/kms/kms_2.yaml
+++ b/integration-tests/config/kms/kms_2.yaml
@@ -7,14 +7,14 @@ AkmsCkmsServerPort: "9696"
 AkmsCkmsTLS:
   Active: true
   CAFile: "config/ssl/ca.crt"
-  CertFile: "config/ssl/kms/kms2-selfsigned.crt"
-  KeyFile: "config/ssl/kms/kms2-selfsigned.key"
+  CertFile: "config/ssl/kms2.crt"
+  KeyFile: "config/ssl/kms2.key"
 GRPCTimeoutInSeconds: 600
 KmsTLS:
   Active: false
   CAFile: "config/ssl/ca.crt"
-  CertFile: "config/ssl/kms/kms2-selfsigned.crt"
-  KeyFile: "config/ssl/kms/kms2-selfsigned.key"
+  CertFile: "config/ssl/kms2.crt"
+  KeyFile: "config/ssl/kms2.key"
 Peers:
   # peer to kms01
   - PeerId: "0ff33c82-7fe1-482b-a0ca-67565806ee4b"
diff --git a/integration-tests/config/tlsConfigs/akms1.txt b/integration-tests/config/tlsConfigs/akms1.txt
new file mode 100644
index 0000000000000000000000000000000000000000..bc0b1156ad611858650bb3e5cf71691266968182
--- /dev/null
+++ b/integration-tests/config/tlsConfigs/akms1.txt
@@ -0,0 +1,18 @@
+[req]
+default_bits = 4096
+default_md = sha256
+distinguished_name = req_distinguished_name
+x509_extensions = v3_req
+prompt = no
+[req_distinguished_name]
+C = DE
+O = H_DA
+CN = kms01
+[v3_req]
+keyUsage = keyEncipherment, dataEncipherment
+extendedKeyUsage = serverAuth, clientAuth
+subjectAltName = @alt_names
+[alt_names]
+DNS.1 = akms-simulator_1
+DNS.2 = localhost
+IP.1 = 127.0.0.1
diff --git a/integration-tests/config/tlsConfigs/akms2.txt b/integration-tests/config/tlsConfigs/akms2.txt
new file mode 100644
index 0000000000000000000000000000000000000000..2f53062f73fee0953a819cb29c1e7063b8ace314
--- /dev/null
+++ b/integration-tests/config/tlsConfigs/akms2.txt
@@ -0,0 +1,18 @@
+[req]
+default_bits = 4096
+default_md = sha256
+distinguished_name = req_distinguished_name
+x509_extensions = v3_req
+prompt = no
+[req_distinguished_name]
+C = DE
+O = H_DA
+CN = kms02
+[v3_req]
+keyUsage = keyEncipherment, dataEncipherment
+extendedKeyUsage = serverAuth, clientAuth
+subjectAltName = @alt_names
+[alt_names]
+DNS.1 = akms-simulator_2
+DNS.2 = localhost
+IP.1 = 127.0.0.1
diff --git a/integration-tests/config/tlsConfigs/generate-certs.sh b/integration-tests/config/tlsConfigs/generate-certs.sh
new file mode 100755
index 0000000000000000000000000000000000000000..bd9bbc2d51f5df58e52fcdd69f5c0c56f759efce
--- /dev/null
+++ b/integration-tests/config/tlsConfigs/generate-certs.sh
@@ -0,0 +1,24 @@
+#!/bin/sh
+dirPath="artifacts/integration-tests/ssl"
+caPath="artifacts/ssl"
+
+if [ -d "${dirPath}" ]; then
+    if [ $(find "${dirPath}" -type d -mtime +0) ]; then
+        rm -rf "${dirPath}"
+    fi
+fi
+
+if [ ! -d "${dirPath}" ]; then
+        mkdir -p $dirPath
+		for FILE in ./integration-tests/config/tlsConfigs/*.txt;
+        do
+            FILENAME=$(basename -- "$FILE" .txt)
+            openssl req -x509 -nodes -days 365 -newkey rsa:4096 -config $FILE \
+		    -CA $caPath/ca.crt -CAkey $caPath/ca.key \
+		    -keyout "$dirPath/$FILENAME.key" -out "$dirPath/$FILENAME.crt"; \
+            openssl x509 -in "$dirPath/$FILENAME.crt" -noout -text
+        done
+	fi
+
+cp $caPath/ca.crt $dirPath/ca.crt
+cp $caPath/ca.key $dirPath/ca.key
diff --git a/integration-tests/config/tlsConfigs/integration_test.txt b/integration-tests/config/tlsConfigs/integration_test.txt
new file mode 100644
index 0000000000000000000000000000000000000000..10a245c2c6e081cec3dcd9445737c206386a883b
--- /dev/null
+++ b/integration-tests/config/tlsConfigs/integration_test.txt
@@ -0,0 +1,17 @@
+[req]
+default_bits = 4096
+default_md = sha256
+distinguished_name = req_distinguished_name
+x509_extensions = v3_req
+prompt = no
+[req_distinguished_name]
+C = DE
+O = H_DA
+CN = kms01
+[v3_req]
+keyUsage = keyEncipherment, dataEncipherment
+extendedKeyUsage = serverAuth, clientAuth
+subjectAltName = @alt_names
+[alt_names]
+IP.1 = 127.0.0.1
+DNS.1 = localhost
diff --git a/integration-tests/config/kms/tlsConfigs/kms1ReqConfig.txt b/integration-tests/config/tlsConfigs/kms1.txt
similarity index 100%
rename from integration-tests/config/kms/tlsConfigs/kms1ReqConfig.txt
rename to integration-tests/config/tlsConfigs/kms1.txt
diff --git a/integration-tests/config/kms/tlsConfigs/kms2ReqConfig.txt b/integration-tests/config/tlsConfigs/kms2.txt
similarity index 100%
rename from integration-tests/config/kms/tlsConfigs/kms2ReqConfig.txt
rename to integration-tests/config/tlsConfigs/kms2.txt
diff --git a/integration-tests/docker-compose.yml b/integration-tests/docker-compose.yml
index 72213b09dea4cf235ffa6856810f8af608c7270f..5af7f310252f27ece08b228b890b4fa89ae2fff3 100644
--- a/integration-tests/docker-compose.yml
+++ b/integration-tests/docker-compose.yml
@@ -55,9 +55,9 @@ services:
         "--ca",
         "config/ssl/ca.crt",
         "--cert",
-        "config/ssl/kms/kms2-selfsigned.crt",
+        "config/ssl/akms1.crt",
         "--key",
-        "config/ssl/kms/kms2-selfsigned.key",
+        "config/ssl/akms1.key",
       ]
 
   akms-simulator_2:
@@ -71,9 +71,9 @@ services:
         "--ca",
         "config/ssl/ca.crt",
         "--cert",
-        "config/ssl/kms/kms1-selfsigned.crt",
+        "config/ssl/akms2.crt",
         "--key",
-        "config/ssl/kms/kms1-selfsigned.key",
+        "config/ssl/akms2.key",
       ]
 
   qkdn-controller: