Wildcard certificate issuance is now allowed (unless pre-authorization is used).
Not everyone running EJBCA will want to allow this. → Config
Affects AcmeAuthorization object among others.
We will also need tests of this.
Order Objects 7.1.3
Any identifier of type "dns" in a new-order request MAY have a wildcard domain name as its value. A wildcard domain name consists of a single asterisk character followed by a single full stop character ("*.") followed by a domain name as defined for use in the Subject Alternate Name Extension by RFC 5280 [RFC5280]. An authorization returned by the server for a wildcard domain name identifier MUST NOT include the asterisk and full stop ("*.") prefix in the authorization identifier value. The returned authorization MUST include the optional "wildcard" field, with a value of true.