Works like charm
1. Run those commands on the CA server
certutil -setreg policyEditFlags +EDITF_ATTRIBUTESUBJECTALTNAME2
net stop certsvc
net start certsvc
2. In the Attributes box, type the desired SAN attributes. SAN attributes take the following form:
san:dns=dns.name[&dns=dns.name]
For example : To add two DNS names to the SAN field , you can type :
san:dns=corpdc1.fabrikam.com&dns=ldap.fabrikam.com
Note : Some services requires that the Subject name of the certificate , is also the first entry of the SAN certificate extension . Suppose you are issuing a certificate for Exchange OWA , and you need to include the internal and external URL in one certificate with SAN field . The subject of the certificate will be ( OWAInternal.contoso.com) and the SAN field will be ( OWAInternal.contoso.com, OWAExternal.contoso.com)