Is it possible to do this on the fly with subdomains? I have a specific problem with my instance where I have multiple domains and multiple subdomains. Right now I use a wildcard SSL because the subdomains are generated on the fly whenever a new client signs up.

Is it possible to create a new certificate without restarting all the servers each time a new client signs up?

No, that is not possible with the sabayon architecture. It needs to store letsencrypt key/token for all domains, and stores them as config vars.

You'd have to store them in a database for example to avoid having to restart the app. But that wouldn't be a good solution either, as letsencrypt will not allow you to have more than 100 domains under the same certificate.