You must use a fully-qualified primary domain name for UCC Certificate Request.
We called GoDaddy and according to them there was no way around this. So after attempting to generate a customized CSR with the Request-CsCertificate command without any success, we found how to manually generate a customized CSR using the certreq command.
First create an INF file called cert.inf with the following content:
[NewRequest]
Subject = “CN=name.company.com“
Exportable = TRUE
KeyLength = 2048
MachineKeySet = True
FriendlyName=”Your Cert Friendly Name“
KeySpec=1
[EnhancedKeyUsageExtension]
OID=1.3.6.1.5.5.7.3.1 ; Server Authentication
[RequestAttributes]
CertificateTemplate=WebServer
SAN=”dns=meet.company.com&dns=dialin.company.com&dns=lync.company.local“
Then use the command
certreq –new cert.inf cert.req
If you get an error about not having a template just ignore it. Then open the cert.req file that was created in notepad and copy the CSR and paste it into GoDaddy. I had to manually add my alternate names on the GoDaddy page, but it went through and I was then able to successfully import the cert into Lync. The common name was the FQDN and one of the alternate names is the private pool name in Lync.