Wild card domains certificates will only cover the encryption of the first level in a subdomain if that is what has been purchased by the Organisation.
Be aware, a wildcard domain entry in an SSL certificate will only cover the specific level of the domain where the wildcard is declared.
For example, a wildcard entry like
*.domain.com will only cover sub-domains at the third-level (of the domain structure). So
*.domain.com would cover sub-domains like
blog.domain.com. To cover fourth-level domains, an explicit wildcard entry covering that domain level is required. So
*.blog.domain.com would cover domains like
For any further level sub-domains, a wildcard domain entry covering that specific level would also be required.
As an Acquia customer, you need to select the type of SSL certificate carefully when purchasing it from their third-party Certificate Authority. For further details of the types of certificates there are, please see our documentation.