As far as I know, a public SSL implementation should be considered just as secure as a private key of the same strength (e.g., 256 bits). Be sure to check what strength the public key is before you put in a lot of work! A typical public key might be considered too weak for handling financial information these days, simply because it was set up years ago when 128 or 256 bits was considered good.
A public key is referenced by https://<LP_server_name>/~<your_account_name>/... I've never tried it, but it might be possible to refer to your subdomain via its subdirectory name under the root. It costs nothing, so you could give it a try and see what happens. I can't swear that some browsers might not pop up a warning that you have content being loaded from two different SSL-protected domains, but you'll just have to see.