We use a wildcard SSL cert with our demo cluster:
But this is terminated at an nginx proxy not at Sync Gateway.
Depending on which CA you got your cert from you may have to merge in the root certificates as mobile device OS’s do not ship with the same root cert set as desktop browsers.
We had issues on our demo cluster with a Go Daddy Cert and Android OS, to resolve this we merged the GoDaddy intermediate/root certs into our domain certificate .pem file.
On Linux you can use openssl to validate a remote certificate chain e.g.
openssl s_client -showcerts -connect demo-mobile.couchbase.com:443