Myself. I run my own CA for internal use and sign all my own certs, and occasionally those for customers. This works only because I generally control all the devices that the certs will be used on - I wouldn't use this on public facing sites.

Wildcard certs are expensive last I checked, but simply too useful to ignore.