We’re running a service that requires that our customers point a subdomain at our web servers to get the service going. We would like to use letsencrypt to automatically generate a cert for that specific subdomain, preferably without the customer being involved. Since we control the subdomain, can we issue a cert for just that subdomain without involving the main domain owner?
Yes, that will be possible. Your certificate will only be valid for the subdomain then.
Will this be available during the public beta or do we have to wait for GA?
This has always been possible and GA already happened. Beta is just an additional badge for the official client.