There's one way around that which is requesting a wildcard cert, but then that has its own rammifications