This was due to provisioning a wildcard for an entire TLD (reference).
Some software like curl appears to error about no matching SAN, whereas it would be valid if the wildcard belonged to a domain under the TLD like *.example.internal.
This was due to provisioning a wildcard for an entire TLD (reference).
Some software like curl appears to error about no matching SAN, whereas it would be valid if the wildcard belonged to a domain under the TLD like *.example.internal.