if you have a us domain like mysite.com it will generate certs for both domain mysite.com AND www.mysite.com

But there is a bug that if you have a non us domain like mysite.com.br (with 2 dots) it will only generate cert for one domain: www.mysite.com.br OR mysite.com.br - never both. This causes a series of issues on some browsers like firefox that it will say your site is insecure if you access from www/non-www option even you make a redirection.

This bug is caused due on line 300 and 302 of wp-encrypt/inc/WPENC/Core/Util.php it will detect if domain is a subdomain measuring the number of dots the string has:

if ( 1 === substr_count( $addon_domain, '.' ) ) {
      $all_domains[] = 'www.' . $addon_domain;
} elseif ( 2 === substr_count( $addon_domain, '.' ) && 'www.' === substr( $addon_domain, 0, 4 ) ) {
       $all_domains[] = substr( $addon_domain, 4 );
}

i solved the issue changing the '1 ===' to '2 ===' and '2 ===' to '3 ===' as a emergency correction as all my domains are non us: ATTENTION this is not a recommended solution as it will not work with a us domain like .com