If some hosts have not implemented Server Name Indication (SNI), the download site should have a dedicated SSL certificate, similar to update.joomla.org.0 SSL: no alternative certificate subject name matches target host name 'downloads.joomla.org'
Ref. viewtopic.php?f=710&t=954975&hilit=sni#p3494187
https://issues.joomla.org/tracker/joomla-cms/9281