SSL certificate(s) for one domain and one subdomain
There is no problem in using separate certificates(even from different issuers) for separate (sub)-domains. for consistency you may want to use one issuer, but that isn't strictly required.
In theory you can choose from:
- Two separate certificates for each domain.
- Multi-domain certificate, which includes both those domains.
- Wildcard certificate, which normally covers example.com and *.example.com
All of those options would work, but as you want the cheapest solution option 1 is the best fit.
Side note: And, the cheapest(FREE!) option is to use LetsEncrypt certificates for your (sub)domains. But that comes on the maintenance price - you'll need to replace certificates every two months, so some sort of automation would be really necessary.