LetsEncrypt certificate for nested wildcard subdomain


The CertBot error you're seeing is accurate - SSL certificates are only valid for one domain layer - for example *.domain.com or *.fr.domain.com or *.example.domain.com. More information - specifically the RFC quote - is in this SF answer.

If you need subdomains of subdomains, you will need to create wildcards for each individual subdomain.
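The single-label rule from the answer above, as an added example (not part of the original answer and not Certbot code): it checks whether a certificate name covers a hostname and works out which wildcard names a set of nested hostnames needs. The `base` parameter and all hostnames are constructed assumptions.

```python
# Added example: how a certificate name is compared with a hostname
# (leftmost-label wildcard rule, as in RFC 6125). Names are constructed samples.

def labels(name):
    return name.rstrip(".").lower().split(".")

def wildcard_matches(pattern, hostname):
    """Return True if certificate name `pattern` covers `hostname`."""
    p, h = labels(pattern), labels(hostname)
    if any("*" in label for label in p[1:]):
        return False          # '*' is only honoured as the leftmost label
    if len(p) != len(h):
        return False          # '*' stands for exactly one label, never a dot
    if p[0] == "*":
        return p[1:] == h[1:]
    return p == h

def required_wildcards(hostnames, base):
    """Names to request so every hostname under `base` is covered.

    `base` (the zone you control) is an assumption of this sketch; it is
    listed as an exact name because '*.base' does not cover 'base' itself.
    """
    base_l, needed = labels(base), set()
    for host in hostnames:
        h = labels(host)
        if h[-len(base_l):] != base_l:
            raise ValueError(f"{host} is not under {base}")
        if h == base_l:
            needed.add(".".join(base_l))
        else:
            needed.add("*." + ".".join(h[1:]))   # one wildcard per parent
    return sorted(needed)

if __name__ == "__main__":
    for name in ("fr.domain.com", "it.fr.domain.com", "domain.com"):
        print(name, wildcard_matches("*.domain.com", name))
    print(required_wildcards(
        ["it.fr.domain.com", "en.fr.domain.com", "it.de.domain.com",
         "www.domain.com", "domain.com"], "domain.com"))
```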


Author: Ilya Cherevkov

Updated on September 18, 2022

Comments

  • Ilya Cherevkov
    Ilya Cherevkov almost 2 years

    I've generated a Let's Encrypt wildcard certificate for my domain *.domain.com.

    I thought this certificate was valid for any nested subdomain *.*.domain.com, like it.*.domain.com or fr.*.domain.com. But browsers are giving me an error that the wildcard certificate was issued for domain.com, and not for *.domain.com. I've tried to issue a new certificate for *.*.domain.com with CertBot and it's giving me an error (multiple wildcards not allowed).

    Is it possible to achieve this, or do I have to manually issue wildcard certificates for each 1st level subdomain?

  • Ilya Cherevkov
    Ilya Cherevkov about 4 years
    That's unfortunate, so I need to generate 20 wildcard certificates :(
  • ObiwanKeTobi
    ObiwanKeTobi about 4 years
    I'd personally question the logic of your DNS structure - most implementations tend to use hyphens or URL-rewriting to separate locales for precisely this reason. For example: domain.com/uk or uk.domain.com or store-uk.domain.com.
  • Ilya Cherevkov
    Ilya Cherevkov about 4 years
    It depends on the site type. I found out that for content sites it makes sense to create numerous region-oriented subdomains like lang.theme_category.domain.com for better search engine indexing purposes.
  • Ilya Cherevkov
    Ilya Cherevkov about 4 years
    Because each combination is considered a different resource, which affects indexing frequency. In contrast, domain.com/theme_category/lang/ is considered one resource, so you get fewer bot scans by a factor of langs * categories.
  • ObiwanKeTobi
    ObiwanKeTobi about 4 years
    Each combination is not a separate site - source1 / source2. Using subdomains like this will harm SEO, not help it. A better strategy would be theme.domain.com/lang, or even better would be to use the correct localised domain - for example domain.fr or domain.de or domain.it if you have the commercial clout to do so.