Okay, but I don't understand how to ensure the certificates are issued for both
So far, it seems to me that the criteria are random, since I can't understand how to take control of them.
Your logic does not seem to work when the domains are, for example,
domain.com.br would be split into:
It would then mean
domain.com.br is a subdomain of
com.br, but it is a root domain. And these root domains are not getting the alternate
www certificates as needed.
The print below will explain better than my words.