You can use a certificate on an entire site, it's just not needed. When used on an entire site the certificate request would be for yourdomain.tld or www.yourdomain.tld and all directories beneath would be secured. However, if you tried to use that same certificate on secure.mydomain.tld, the warning would be triggered informing the visitor that the site they are visiting and the certificate domain do not match. The certificate will still provide the same degree of security in either case, and the user can elect to accept the certificate.

In reality there is no such thing as a shared certificate. The term describes a certificate that's installed at the on the servers shared IP address and typically it could be accessed by using your domain name, however, as it's installed on the default site it would be necessary to use mod_userdir to access your site. The url might look something like this:
https://www.yourdomain.tld/~yourusername/ or https://www.another_domain/~yourusername/. If the certificate was issued to another_domain, then there wouldn't be a warning pop-up. So a host may purchase that certificate and all users would use the same url to access without warning.