How to secure both root domain and wildcard subdomains with one SSL cert?

Solution 1:

Yes, it works just fine. You'll commonly see the wildcard as the certificate's Subject in wildcards issued by public certificate authorities, with the base domain as a Subject Alternative Name, but I believe the opposite arrangement works as well.

Take a look at the certificate you've generated - are the alt_names being correctly incorporated into the certificate?