Novell Access Manager 3.1
Access Manager support Pack 1 has been applied.
The option "Alternative name(s)" is only available when the local certificate authority is used.
This problem falls back to the PKI APIs that are restricted in what we can populate in this alternate name field.
Enhancement has been put in to get this option in for the future.
Workaround that could be used is the following:
Use openssl on the IDP to generate the CSR straight with openssl and to have it signed by the CA.
After importing the signed cert there, we could export it in pkcs12 format and just import that into the Access Manager.
In any case, it is up to Certificate Authority's policy to accept the request for the alternate subject name.