SSL and domain mapping excluding pages

I am after some practical and impartial advice on choosing the best SSL certificate in relation to domain mapping for my multisite. Choosing a wildcard sll is an obvious choice with domain mapping set to the original network domain. This I also believe would be better from an seo perspective of using subdomains and now, choosing to have ssl active site wide. Any mapped domain would also map to a https version.

Another option would be to go for an UC SAN additional (true business id or true business id with EV). This would allow to have other external businesses I host to add their own domains to my certificates in a cost effective way.

The question I have is this. Choosing a wildcard would allow a cost effective means to cover both all my own on sites, and potentially other businesses that host through me. Other businesses want to use a mapped domain for obvious reasons, rather than the network domain. Is it possible to exclude pages (such as ecommerce checkout) from any domain mapping and use the original network domain (with a wildcard)? That way, I could opt for the wildcard and still offer SSL benefits for other businesses with mapped domains.

Your article on this was most helpful. Just want to fully understand the potential or limitations of choosing a wildcard and excluding pages. Kept on getting re-direct loops when I tried to explore, so guess I am missing something.

Read your article, and have tried excluding pages, but creates a re-direct loop.