Matching certificate for VPC-Link HTTPS endpoint in API Gateway

I would like to change my API from HTTP to HTTPS in API Gateway, but I get the following error:

Endpoint request headers: {x-amzn-apigateway-api-id=ghqsfz8w25, 
Accept=application/json, User-Agent=AmazonAPIGateway_xxxx,, 
Endpoint request body after transformations: 
Sending request to
Execution failed due to configuration error: 
Host name '' does 
not match the certificate subject provided by the peer (CN=*
Method completed with status: 500

With the following configuration:

  • A wildcard certificate * is used
  • The wildcard certificate is assigned to the NLB 443 listener
  • The NLB is integrated with vpce-svc-xxx318ce endpoint in VPC Endpoint Services (AWS PrivateLink)
  • The wildcard certificate is assigned to the custom domain in API-GW
  • The custom domain includes mappings to different APIs (like:,

The settings of the API method are

With HTTP this configuration was working. Now it seems that I need to associate the VPC endpoint with the wildcard certificate. It is my first experience with AWS and I am not a network expert. Any ideas how I can fix this issue?

Thanks in advance!
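
The error quoted in the question is a TLS host name verification failure: the host name the request is sent to is compared with the names in the certificate the peer presents. The comparison for a wildcard name, as an added example that is not part of the original post; `example.com`, the NLB-style DNS name and the function names are constructed placeholders, because the real names are not shown in the question.

```python
from __future__ import annotations
from urllib.parse import urlsplit

# Constructed sample values; the real names are not shown in the question.
CERT_NAMES = ["*.example.com"]
ENDPOINT_URLS = [
    "https://my-nlb-0123456789abcdef.elb.eu-west-1.amazonaws.com/orders",
    "https://orders.example.com/orders",
    "https://a.b.example.com/orders",
    "https://example.com/orders",
    "https:///orders",  # no host at all
]


def wildcard_matches(pattern: str, hostname: str) -> bool:
    """Compare one certificate name with a host name.

    '*' is honoured only as the complete leftmost label and stands for
    exactly one label, so '*.example.com' covers 'orders.example.com'
    but neither 'example.com' nor 'a.b.example.com'.
    """
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if not all(h_labels) or len(p_labels) != len(h_labels):
        return False  # empty host or label, or a different label count
    if p_labels[0] == "*":
        # Refuse a bare '*' or '*.tld'; the remaining labels must be identical.
        return len(p_labels) > 2 and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def check_endpoint(endpoint_url: str, cert_names: list[str]) -> tuple[str, bool]:
    """Return (host taken from the URL, whether any certificate name covers it)."""
    host = urlsplit(endpoint_url).hostname or ""
    return host, any(wildcard_matches(name, host) for name in cert_names)


if __name__ == "__main__":
    for url in ENDPOINT_URLS:
        host, ok = check_endpoint(url, CERT_NAMES)
        print(f"{host or '<empty>':55} {'match' if ok else 'MISMATCH'}")
```

Running it against the integration endpoint URL and the names on the listener certificate shows whether the host name in the URL falls under the certificate before the method is tested.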