https://en.wikipedia.org/wiki/SubjectAltName http://wiki.cacert.org/FAQ/subjectAltName https://www.openssl.org/docs/manmaster/apps/x509v3_config.ht...

Certificate authorities charge extra for it, of course they do. DigiCert brands this as "Multi-Domain (SAN) Certificate" and charges nearly $300/yr, while my choice provider, sslmate.com offers the same for $25/yr.

And now $0 certificates with Let's Encrypt, I'm sad to see sslmate.com's business hurt, as they are the first to provide no-bullshit sysadmin-focused CLI tools to get the job done. I'm very wishful to see DigiCert.com and others like it go bankrupt, however.

I don't see any reason why Honest Achmed's request to be a CA was denied by Mozilla, https://bugzilla.mozilla.org/show_bug.cgi?id=647959 at least he is honest about his business model.