We will initially only support base domain validation via DNS for wildcard certificates…
Why is it only validated via DNS for wildcard certificates?
You also need to validate via HTTP.
For example, for the wildcard certificate *.example.com, confirm domain ownership for example.com.
It’s not so difficult to do?