Apple’s TLS trust policy (that what is returned by
SecPolicyCreateSSL) supports wildcard certificates per RFC 2818. However, my general recommendation when you’re shopping around for certificates is to have the prospective CA issue you a short-duration test certificate that you can use to test all the scenarios that are critical to your needs.
Share and Enjoy
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"