Development servers are absolutely not held to the same levels of scrutiny as our payment card processing servers.
Not using letsencrypt due to other regulation is perfectly valid- but using wildcard certificates has a strong potential to cause more harm than simply using another SSL provider.
Why couldn't you instead have a deployment process that includes calling certbot automatically for the new domain then? Since the domain is likely ICANN registered right.
EDIT: it's common courtesy to explain why you downvote a post, as it stands I'm going to make the assumption the downvoters are simply too lazy to do things properly.
I didn't downvote you, but there are different reasons why you would like to use a wildcard certificate and even if those reasons are not aligned with your goals they shouldn't be dismissed.
I know two, at least. For a small communitary school in my city, teachers and students keep blogs in a wordpress multi user server, for storing data or doing webdev examples. They have a subdomain setup and cannot use ssl as the domain name will always be unknown by the person who creates the blog and the wildcard is too expensive for something they do in their free time.
I'm sure your points are valid, but you cannot define the thread model of others so easy. And don't get mad by downvotes, upvoting or downvoting is pretty boring
Development servers are absolutely not held to the same levels of scrutiny as our payment card processing servers.
Not using letsencrypt due to other regulation is perfectly valid- but using wildcard certificates has a strong potential to cause more harm than simply using another SSL provider.