@JaredBusch Correct. The "ye olde way" is how I've typically made a CSR and private key. The link I included talks about making a configuration file, which allows you to include SAN in your CSR.
Ah, did not read the link. Yes, using a config file is the only method to get any SAN on a cert with OpenSSL.
And after re-reading my post, I realized how terrible it was . I was hoping to find a one liner kind of thing, but alas. That particular article made it clear how to do it.