For what it's worth, the CA Buypass will issue certificates without a Common Name field. Then you wouldn't have to use a second domain.
Some TLS clients may not accept such certificates, though.
I'm not certain if acme.sh will easily request a certificate without a Common Name. I think yes but I'm not sure.
On the other hand, Buypass's production environment does not offer wildcard certificates yet. (They don't allow you to use two domains, either! At least on their free certificates.)
For that matter, I'm uncertain Buypass actually allows super long domains. They could have a policy restriction.
Edit: The thread tdelmas linked to is really good, especially jsha's post laying out the situation, in general and from Let's Encrypt's perspective.