X509 certs can be released with multiple names, to handle cases when the same server responds to multiple names, including whole domain aliases (*.domain.tlb).
This feature needs to be subject to access control, a host principal cannot ask for arbitrary names (an admin may be required to associate a specific set of names with the computer object representing the host).
Most of the request is a duplicate to #3977 (I just added more details, comments welcome). Wildcard cert request is duplicate to #3475.
Closing this one.
Metadata Update from @simo: - Issue assigned to someone - Issue set to the milestone: 0.0 NEEDS_TRIAGE
Login to comment on this ticket.