Certificate mismatch on branch subdomains

Hi folks! I’m investigating a certificate issue with branch subdomains for one of our sites, vprd-utg-jsapp-online-giving.netlify.app. The DNS record for our production site, give.utexas.edu appears to be managed through Netlify DNS. The production site is served over HTTPS with a Let’s Encrypt certificate obtained through Netlify.

We also have branch subdomains set up for testing and QA environments, which both appear to be managed through Netlify DNS. However, these sites are not successfully served over HTTPS and cause the browser to give security warnings because the certificate served does not match the domain. For the branch subdomains, the certificate appears to be a wildcard cert for *.netlify.app rather than for test.give.utexas.edu, qual.give.utexas.edu, or *.give.utexas.edu.

The *.netlify.app certificate works fine for HTTPS if the branch subdomains are visited with their Netlify-assigned domains, test–vprd-utg-jsapp-online-giving.netlify.app and qual–vprd-utg-jsapp-online-giving.netlify.app, but we’d like to be able to access all of the sites through their custom domains.

Is this issue caused by something we’ve misconfigured, or am I otherwise missing something? Is it possible to have a wildcard certificate issued for the give.utexas.edu domain? Thanks for any assistance!

DNS is managed by The University of Texas

% dig give.utexas.edu NS
give.utexas.edu.	600	IN	NS	glass.its.utexas.edu.
give.utexas.edu.	600	IN	NS	marianas.its.utexas.edu.
give.utexas.edu.	600	IN	NS	chisos.ots.utexas.edu.

Have a read over this support guide regarding using using branch subdomain and provisioning of SSL when not using Netlify DNS