I have a small REST server running on a local network, with a bunch of client applications connected (via IP address).
I want to secure this traffic so that access tokens cannot be sniffed.
According to This answer I can create a self signed cert. using an IP (although not common). If i go down this route (assuming no physical access to the server box itself) is this secure?