I have found cases where the CA server do not include SAN names on certs requests.
Below is the command to enable an internal CA so that it allows the issuance of alternative names on a cert request. If this is not set and you
request a cert it will just ignore the alternative names when it issues the cert.
For SAN Certificate usage:
Activate the possibility to request SAN certificates with this CA
net stop certsvc
certutil -setreg policyEditFlags +EDITF_ATTRIBUTESUBJECTALTNAME2
net start certsvc