Catch 22? Cannot update DNS until Let's Encrypt cert renewed & cannot renew cert until DNS updated

Apologies bud, I misread the question!

Two options, I think. You can either minimise downtime when migrating the main, cloud, subdomain. Alternatively, if you wanted to be super sure, you could go and buy an SSL cert for a few quid/dollars/etc which covers all domains, including the cloud subdomain.