You do not need touse any server_name at all in that block; moreover, that _ doesn’tact as a wildcard at all. One benefit is that out of date domains don’t display a certificate error in the browser, however instead appear to be really offline. It’s important to notice that enabling ssl_reject_handshake can impression the usability…
