By default, a CA that is configured on a Windows Server 2003-based computer does not issue certificates that contain the SAN (Subject Alternative Name) extension. If SAN entries are included in the certificate request, these entries are omitted from the issued certificate. To change this behavior, run the following commands at a command prompt on the server that runs the Certification Authority service. Press ENTER after each command.
certutil -setreg policy\EditFlags +EDITF_ATTRIBUTESUBJECTALTNAME2
net stop certsvc
net start certsvc
This changes the following entry in the registry.
More information can be found How to Request a Certificate With a Custom Subject Alternative Name
[…] On the Hub transport server, setup a stand-alone certification authority and enable SAN certificate support – https://marckean.wordpress.com/2010/12/10/how-to-request-a-certificate-with-a-custom-subject-alternat… […]