Cisco ISE allows you to install a certificate with multiple Subject Alternative Name (SAN) fields. A browser reaching the ISE using any of the listed SAN names will accept the certificate without any error as long as it trusts the CA that signed the certificate.

The CSR for such a certificate cannot be generated from the ISE GUI. You will need to use openSSL in order to generate the certificate.

Generate a Certificate for ISE that Binds to Multiple Names  [Cisco Identity Services Engine] – Cisco Systems.