Domain cannot be opened over HTTPS at https://example.com, it shows the following warning in Chrome browser:
CONFIG_TEXT: Your connection is not private
Attackers might be trying to steal your information from example.com (for example, passwords, messages, or credit cards). Learn more
This server could not prove that it is example.com; its security certificate is from *.example.com. This may be caused by a misconfiguration or an attacker intercepting your connection.
Proceed to example.com (unsafe)
The following warning is shown in Firefox browser:
CONFIG_TEXT: Your connection is not secure
The owner of example.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.
example.com uses an invalid security certificate. The certificate is only valid for *.example.com Error code: SSL_ERROR_BAD_CERT_DOMAIN
# curl -v https://example.com/
* About to connect() to example.com port 443 (#0)
* Trying 203.0.113.2... connected
* Connected to example.com (203.0.113.2) port 443 (#0)
* NSS error -12276
* Closing connection #0
curl: (51) SSL: certificate subject name '*.example.com' does not match target host name 'example.com'
Any public SSL checker, for example, this one, shows:
CONFIG_TEXT: Common name: *.example.com
SSL issued for example.com includes all it's sub-domains (*.example.com), but does not include the main (root) domain example.com
Contact SSL issuer in order to re-issue SSL for example.com: SAN name should include base domain name (example.com)