It depends whether they are the same virtualhost within your web server.
If they are the same virtualhost, then you should generally put both of the names on the same certificate.
If they are on separate virtual hosts, then you can have them together or separate, it’s a totally aesthetic choice, besides having to issue/renew two separate certificates.
If you did use one certificate, the only potential downside is that people would be able to see all of the names together if they went in an inspected the certificate details (which nobody really ever does anyway). Since your company and your SaaS are probably already publicly associated, I can’t imagine it’s a huge problem.
It will, however, halve the amount of work you need to do every 60-90 days, if you are manually renewing the certificate for these domains, so it seems like a sensible choice.
What you need to do, depends on how you got the certificate. If you plan to manually issue certificates using some kind of a tool/website and then upload them to Bluehost cPanel, then yes, you’d need to renew them by hand that often.
Usually Let’s Encrypt is meant to be used in an automated way - e.g. Bluehost integrates it and it automatically renews for you. However this isn’t always the case because hosts don’t always support free/automatic SSL, so you’re stuck doing things manually .
If you can link your domain or what cPanel server you are hosted on, I can check if it has AutoSSL enabled (a cPanel feature for free automatic SSL).
From the UI, I'm not sure. I use a combination of Robtex, crt.sh and some tricks with how cPanel works to see how certificates for domains on a cPanel server were issued.
However, given that you have to email Bluehost to install a certificate, I would strongly suspect that the answer is that AutoSSL is not available.
No, I don't know much about US-based hosting, sorry. You could check out the thread of hosting providers I linked to a couple of posts back.
"Most" cPanel hosts will have AutoSSL enabled (even if they're not listed in that thread), since it is enabled by default. It's a good question to ask pre-sales when signing up to any host.
Also consider that it may be a better investment for you to just pay up for a 1-3 year duration certificate from a commercial CA, have Bluehost install it and not worry about the problem for a while - totally up to you.
Sorry for the late response. I use Digital Ocean. If you get a referral link I think $10 free credit. Also if you want to go cheaper Ramnode is an option
I always do this when visiting websites XD
When I visit a website, I always watch the certificate chain, the type of certificate (eg. DV)
The common name, the issuer and etc!