
Self-signed wildcard certificate not working for Firefox


Generated a self-signed root certificate using makecert.exe and imported it into Trusted Root Certification Authorities.

Since Mozilla Firefox has its own list of Certification Authority (CA) certificates, imported the self-signed certificate into Firefox's Authority certificates list.

Generate derived certificate with CN=*.test.com

Setup proxy server which uses self-signed certificate.

Browsing something.test.com with Internet Explorer and Chrome, certificate is accepted and no security issue warning is shown. Firefox shows error message

'something.test.com uses an invalid security certificate. The certificate is only valid for *.test.com (Error code: ssl_error_bad_cert_domain)'.

Problem seems to be about using a wildcard in CN, because if I generate the derived certificate with CN=something.test.com, no error is shown in any of the browsers.


Solution

  • Solved problem by using Multi-Domain (SAN) Certificate.

    makecert.exe is unable to generate a SAN certificate; at least I can't find out how.

    Used OpenSSL to generate SAN Certificate and it worked.

    OpenSSL PKI Tutorial is a good resource for learning how to generate a SAN certificate.
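
The approach the answer describes, as an added example (not code from the original post or the linked tutorial): a test root CA signs a leaf certificate whose names are carried in the subjectAltName extension rather than only in the CN. File names, subject names, key size and the 30-day lifetime are illustrative assumptions; `test.com` is the domain from the question.

```shell
#!/bin/sh
# Added example: names, paths and lifetimes below are illustrative assumptions.

# make_san_cert DIR DOMAIN: create a test root CA in DIR and a leaf
# certificate whose subjectAltName lists both *.DOMAIN and DOMAIN
# (a wildcard entry does not cover the bare domain itself).
make_san_cert() {
    dir=$1; domain=$2; cfg="$dir/san.cnf"
    cat > "$cfg" <<EOF
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_leaf]
basicConstraints = CA:FALSE
keyUsage = critical,digitalSignature,keyEncipherment
extendedKeyUsage = serverAuth
subjectAltName = DNS:*.$domain,DNS:$domain
EOF
    # Self-signed root: this is the certificate imported into each trust store.
    openssl req -x509 -config "$cfg" -extensions v3_ca -newkey rsa:2048 -nodes \
        -keyout "$dir/root.key" -out "$dir/root.pem" \
        -subj "/CN=Example Test Root" -days 30 2>/dev/null || return 1
    # Leaf key and CSR; the CN is kept, but browsers match against the SAN.
    openssl req -new -config "$cfg" -newkey rsa:2048 -nodes \
        -keyout "$dir/leaf.key" -out "$dir/leaf.csr" \
        -subj "/CN=*.$domain" 2>/dev/null || return 1
    # Sign the CSR with the root and attach the v3_leaf extensions (incl. SAN).
    openssl x509 -req -in "$dir/leaf.csr" -CA "$dir/root.pem" \
        -CAkey "$dir/root.key" -CAcreateserial -extfile "$cfg" \
        -extensions v3_leaf -days 30 -sha256 -out "$dir/leaf.pem" 2>/dev/null
}

# cert_has_san CERT NAME: succeed only if CERT's SAN extension lists DNS:NAME.
cert_has_san() {
    openssl x509 -in "$1" -noout -text |
        grep -A1 'Subject Alternative Name' | grep -qF "DNS:$2"
}

# Demo run in a scratch directory.
out=$(mktemp -d)
make_san_cert "$out" test.com && openssl verify -CAfile "$out/root.pem" "$out/leaf.pem"
cert_has_san "$out/leaf.pem" '*.test.com' && echo "SAN contains *.test.com"
```

The proxy server would be configured with `leaf.pem` and `leaf.key`, while `root.pem` is what gets imported into the Windows and Firefox trust stores.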