Update to confirm the new Pair/LE integration on their shared hosting servers worked perfectly for me today.
Following your advice, I did not chose to use the Wildcard certificate. (Not necessary for me, now I understand more fully.)
I simply used the Pair LetsEncrypt button in the ACC (Control Panel) for each of my four domains, as they approached their renewal time, and after a few minutes the ACC showed them as all done.
I verified each certificate in a browser view, and they had all updated.
My Error log however DID show an Apache2.4 warning, which Pair Support advised can be safely ignored;
I obfuscated my domain to post here;
www.example.com [Fri Mar 09 22:21:39 2018] [warn] [pid 19079] ssl_engine_init.c(1113): [client AH01909: www.example.com:443:0 server certificate does NOT include an ID which matches the server name
www.example2.com [Fri Mar 09 22:21:39 2018] [warn] [pid 19079] ssl_engine_init.c(1113): [client AH01909: www.example2.com:443:0 server