I see some problems with certificates of some websites I have on Fastmail's file storage: both with my own domains and with Fastmail's domains(that are redirected to subdomains of user.fm).
It seems that with user.fm the certificate is for *.user.fm and some browsers don't like it, but I also saw one instance where going to
https://subdomain1.mydomain.tld generated a complaint by the browser that the certificate issued belongs to subdomain2.mydomain.tld.
I cannot investigate more deeply right now because my desktop PC right now is behind a corporate firewall that mangles certificates and firefox on my phone treats me like a child (just says "this looks dangerous, you should back off" and does not provide any real info about the certificate).
Frankly I don't see what's the advantage of https over http for static websites like those that can be hosted on Fastmail's file storage. One cannot collect visitors' data using these websites except be redirecting the visitors to a site that's hosted elsewhere. And anybody can buy a certificate identifying a domain name. Having a valid certificate doesn't mean that the owner of the domain or website is not malicious.