e.g. contains control characters, Punycode conversion fails
There are quite simply too many certs with bogus DNS labels out in the wild,
and it just doesn't make sense to bother every .com domain holder because
GoDaddy signed a cert with a DNS name like "www. just4funpartyrentals.com"
It is highly unlikely any validator will ever match that DNS name.
1. Trim leading and trailing whitespace of DNS names.
2. Trim http:// and https:// prefixes.
3. If DNS name contains a slash, ALSO process the DNS name up to
the first slash, since it's probably a URL.
Andrew Ayer