Let’s say I have an SSL certificate that is installed on the server for domain example.com. The server is set up to use the same certificate for subdomain sub.example.com, however the certificate doesn’t cover any subdomains as it has been purchased only for example.com. Now obviously, when I go to sub.example.com, the browser will first complain about wrong certificate but will allow me to “continue anyway”. When I choose to continue anyway and access sub.example.com via SSL this way is my connection still secure? If it is less secure than when having a valid certificate then how less secure is it, what aspects of security are compromised?
One of the use cases is for admin panels, etc. which are used only by a couple of developers so it’s not really a problem if each of them adds a security exception to their browser - but is the transmission still secure?