You can work with wildcard certs and your hostnames need not be enumerated.
How is giving every internal host a wildcard cert not a cure far worse than the disease in 99 percent of the cases?
How is giving every internal host a wildcard cert not a cure far worse than the disease in 99 percent of the cases?