Yes you can use a wildcard XMPP certificate as long as your domain name is included in the SAN list. The choice is:
- Wildcard certificate: Can be used, but ensure that the domain is added to certificate in the SAN list. This is a common practice among the certificate providers.
- UC Certificate: These can be used as well. Create the certificate so the FQDN is the CN (common name) in the certificate. Then for the SAN list, add the same FQDN and the domain name. For example, if your DNS points to xmpp.example.com, the certificate should have xmpp.example.com as the CN, and in the SAN list, there should be two DNS names, one for xmpp.example.com and one for example.com.