FTL.log; WARNING SSL/TLS certificate <FILE> does not match domain <DOMAIN>! #2227

Eddict opened this issue Feb 21, 2025 · 2 comments

Eddict commented Feb 21, 2025

Versions

  • Pi-hole: Core version is v6.0.1 (Latest: v6.0.1)
  • AdminLTE: Web version is v6.0 (Latest: v6.0)
  • FTL: FTL version is v6.0 (Latest: v6.0)

Platform

  • OS and version: Debian GNU/Linux 12 (bookworm)
  • Platform: Proxmox container

Expected behavior

I would not expect this warning as my certificate is a wildcard SSL certificate

Actual behavior / bug

webserver.webserver.tls points to a valid TLS (SSL) certificate file, which is a wildcard certificate.
CN = domain.com
subject alt names contains "domain.com", ".domain.com" and ".sub.domain.com"

webserver.domain is set to "sub.domain.com"

Steps to reproduce

Steps to reproduce the behavior:

Test the above with a wildcard certificate containing "domain.com", ".domain.com" and ".sub.domain.com" and set webserver.domain to "sub.domain.com". Restart the pihole-FTL service.

Debug Token

Screenshots

Additional context

Member

DL6ER commented Feb 21, 2025

FTL should check the extra SAN domains. Could you please run

pihole-FTL --read-x509 /etc/pihole/tls.pem | pihole tricorder

and provide the uploaded token? You should first run it without the "| pihole tricorder" to see there is nothing bad uploaded. If you don't want this, you can also post it here in sanitized form. I somehow have the feeling there may be no exact match somewhere as you said "wildcard". This may be confusing FTL.

Author

Eddict commented Feb 21, 2025

I ran the command, but pointing to another file (the /etc/pihole/tls.pem is still the default pi.hole certificate).
I used the same file as in toml setting [webserver.tls].cert

https://tricorder.pi-hole.net/aQ2BTQC6/
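
The following is an added example, not code from FTL or from either commenter: it contrasts an exact string comparison with a wildcard-aware SAN check for the configuration described in this report. It assumes RFC 6125-style wildcard rules and that the certificate's wildcard entries are written in the usual "*." form; the function names and the SAN list are constructed for illustration.

```c
/* Added example, not Pi-hole FTL source: wildcard-aware SAN matching. */
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Case-insensitive equality; DNS names compare without regard to ASCII case. */
static bool eq_nocase(const char *a, const char *b)
{
    while (*a && *b && tolower((unsigned char)*a) == tolower((unsigned char)*b)) {
        a++; b++;
    }
    return *a == '\0' && *b == '\0';
}

/* Match one dNSName entry against a host name. Assumed rules (RFC 6125
 * style): "*" counts only as the whole left-most label, for exactly one label. */
static bool san_matches(const char *san, const char *host)
{
    if (eq_nocase(san, host)) return true;          /* exact match */
    if (strncmp(san, "*.", 2) != 0) return false;   /* not a wildcard entry */
    const char *dot = strchr(host, '.');            /* end of host's first label */
    if (dot == NULL || dot == host) return false;   /* no or empty first label */
    return eq_nocase(san + 1, dot);                 /* remainder must be equal */
}

/* True if any SAN covers the domain; wildcards=false is exact-only, for contrast. */
static bool cert_covers(const char *const *sans, size_t n, const char *domain, bool wildcards)
{
    for (size_t i = 0; i < n; i++)
        if (wildcards ? san_matches(sans[i], domain) : eq_nocase(sans[i], domain))
            return true;
    return false;
}

/* Constructed SAN list modelled on the report; the "*." prefixes are assumed. */
static const char *const SANS[] = { "domain.com", "*.domain.com", "*.sub.domain.com" };

int main(void)
{
    const char *domain = "sub.domain.com";          /* webserver.domain in the report */
    printf("exact-only: %d, wildcard-aware: %d\n",
           cert_covers(SANS, 3, domain, false), cert_covers(SANS, 3, domain, true));
    return 0;
}
```

Under these rules "sub.domain.com" is covered only by the "*.domain.com" entry: "*.sub.domain.com" covers names one label below it, not the name itself.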
