If you are installing the latest 61.0 version of our PBX then you wont need the wildcard certificates for your customer domains and your own domain as well.
1) Turn letsencrypt on from, reg_settings page under "ACME Directory URL" field. Then you should have valid certificates on the PBX.
2) Delete the "localhost" cert if you have it in your certificate list, refresh, clear the caches and try again.
3) For your own domain name go to the page "/reg_settings.htm" and enter the domain name in "System management DNS address" field and hard refresh the page.
We also use two distinct certificates in our Certificates section for Snom phones in Trusted Root CA for server and Client authentication. But if they don't work for you, you can always use your own certs as well.
You can check all the details from the SSL certificate description section itself, if that doesn't help, let us know and we can try to see if we can be of any help.