To be fair ... I don't think that command is actually the bare minimum required? The link I posted makes it clear that Let's Encrypt requires a SAN in their CSRs.
In one of my previous posts I gave the exact syntax for the openssl command that getssl uses, which does put a SAN in the CSR.
However, the point stands that writing your own Let's Encrypt client does presume that you understand a fair amount about the details of certificates, and ... well, it seems like you do not. If you are struggling at this level, I do echo Osiris's suggestion that you use an already-existing client.