Subdomain fails without tweak to _handle_http_error

[nicobrevin]

I was failing to get a cert when requesting a cert for foo.example.com when the zone being managed by powerdns was .example.com. We're using powerdns with a custom auth proxy and it gives a 403 if you try to manage a zone that's not matched to the api key.

I accept that this isn't the normal flow of things for your average powerdns api user, but it was easily fixed by a check for 403 in _handle_http_error. Is this something you'd consider a patch for?