Recently .internal was formally accepted and reserved by ICANN for private-use applications. It can be used like *.subdomain.internal as opposed to *.subdomain.home.arpa.

The Chromium project also addresses this issue in Chrome fails to recognize wildcard SSL certs for sites xxx.home.arpa