Why does my wildcard SSL certificate cause a domain mismatch error on a second level subdomain?

https ssl ssl-certificate

I have a server https://www.groups.example.com - in FireFox I get the "This Connection is Untrusted" message and the "technical details" say

www.groups.example.com uses an invalid security certificate. 
The certificate is only valid for the following names: 
*.example.com, example.com (Error code: ssl_error_bad_cert_domain)

What other info do I need to provide in order to resolve this? Just getting confirmation of setup but am 99% sure it's Linux and using VHOSTS. Will update question as soon as this is confirmed.

Is it the fact that www.groups.example.com is seen as having 2 levels of subdomains?

The issuer is DigiCert


RFC 2818 in "3.1. Server Identity" states that

Names may contain the wildcard character * which is considered to match any single domain name component or component fragment. E.g., *.a.com matches foo.a.com but not bar.foo.a.com.

So yes, it's the fact that it's two levels of subdomains that is the problem.

Related

Can I purchase a certificate for my domain that can sign other certificates for subdomains?
NRPE unable to read output, but why?
What replaces IIS SMTP server in Windows Server 2012
Is it necessary to burn-in RAM for server-class hardware?
Is IIS SFTP natively supported by Windows Server 2012 R2?
How to setup Apache NameVirtualHost on SSL?
Sendmail to local domain ignoring MX records (part 2)
MySQL slave replication reset with no Master Downtime (using MyISAM)
IIS 7.5 Redirect / URL Rewrite to mobile version of website
Email delivery management grievances
How do MyISAM and InnoDB Utilize HD Space?
How do I setup sshd to require both a private key and a password?