Issue
Wild card domains certificates will only cover the encryption of the first level in a subdomain if that is what has been purchased by the Organisation.
Limitations
Be aware, a wildcard domain entry in an SSL certificate will only cover the specific level of the domain where the wildcard is declared.
For example, a wildcard entry like *.domain.com will only cover sub-domains at the third-level (of the domain structure). So *.domain.com would cover sub-domains like www.domain.com and blog.domain.com. To cover fourth-level domains, an explicit wildcard entry covering that domain level is required. So *.blog.domain.com would cover domains like news.blog.domain.com and sport.blog.domain.com.
For any further level sub-domains, a wildcard domain entry covering that specific level would also be required.
Resolution
As an Acquia customer, you need to select the type of SSL certificate carefully when purchasing it from their third-party Certificate Authority. For further details of the types of certificates there are, please see our documentation.