Thanks for the quick reply - I asked my hosting provider about options to save 10 a month because we are a startup and is tight - they came back with the following - would reissuing the SSL make a difference or is the answer still need to buy the $10 a month option?
I checked the SSL certificate issued by Cloudflare and it is listed with the following two hosts:
halagard.com, *.halagard.com (2 hosts)
The second host is known as a wildcard subdomain and it can be applied to essentially any subdomain on your halagard.com domain. As such the current SSL should suffice and should cover the subdomain, however since there is a mismatch with the SSL, I suspect that the subdomain has not yet been authorized through the Cloudflare systems. When previewing the site through our server directly and bypassing Cloudflare, the staging site opens up correctly.
I believe that this universal SSL may need to be re-issued by Cloudflare, however since we do not have access to their systems, we cannot do this from our end, unfortunately. As such I would advise you to again contact their support team so they can assist you with this issue further and hopefully, they are able to re-issue the SSL for you.