(1) Matching the dot with "*" is a violation of RFC 2818 (HTTPS), and other RFCs regarding TLS-protocols (IMAPS/LDAPS/...) are not less restrictive.
(2) Matching anything with top-level-wildcard "CN=*" is bad practice.
(3) Not showing "subjectAltName:dNSName=*" in the standard vertificate view but matching it with any domain name is VERY BAD PRACTICE (although replacing "CN", "subjectAltName" is hidden in the "details", see bug #238142).
I fully agree to the former poster:
(1) Matching the dot with "*" is a violation of RFC 2818 (HTTPS), and other RFCs regarding TLS-protocols (IMAPS/LDAPS/...) are not less restrictive.
(2) Matching anything with top-level-wildcard "CN=*" is bad practice.
(3) Not showing "subjectAltName :dNSName= *" in the standard vertificate view but matching it with any domain name is VERY BAD PRACTICE (although replacing "CN", "subjectAltName" is hidden in the "details", see bug #238142).
This is a security issue and should be fixed.