I have a working primary domain, uslab.byu.edu, for the netlify site effervescent-narwhal-6efcb6.netlify.app. The TLS for this site works as expected – the certificate is for uslab.byu.edu.
I configured the same CNAME for internet.byu.edu, a secondary domain for the site, but this one gets a *.netlify.app certificate, which browsers reject as being for the wrong name.
Is there someway to get a TLS certificate that matches the secondary domain name?
Summary of external DNS configuration:
uslab.byu.edu → CNAME effervescent-narwhal-6efcb6.netlify.app
internet.byu.edu → CNAME effervescent-narwhal-6efcb6.netlify.app
