The new Auto SSL system is great, but it lacks one feature:
if you create a sub-subdomain, it should create a regular HTTP-validated certificate for the sub-sub name, instead of using the wildcard certificate (which doesn't cover sub-subdomains).
if you create a sub-subdomain, it should create a regular HTTP-validated certificate for the sub-sub name, instead of using the wildcard certificate (which doesn't cover sub-subdomains).