How to handle SSL certificates now that you can't have .local subject alternative names?

In the past I would do the following:

mail.externaldomain.com
autodiscover.externaldomain.com
autodiscover.internaldomain.local
servername.internaldomain.local

You can no longer include .local in the certificate as seen in the posts below:

http://support.godaddy.com/help/article/6935/using-intranet-and-reserved-ip-addresses-as-the-primary-domain-or-subject-alternative-name-in-ssls

https://www.cabforum.org/Baseline_Requirements_V1.pdf

I've been setting all of EWS, OWA, autodiscover internal FQDN to use the external FQDN.  Has anyone else been using another system for this?  Thanks in advance.