Have both Hostname and FQDN in SSL Certificate on IIS
Solution 1:
A fundamental underlying principal of certificates is trust. Trust requires identifying the parties involved (server and/or client), by specifying a fully-qualified name. A single-label name does not fulfill the identity requirement, and therefore cannot be trusted. Certificate Authorities should not issue and applications should not trust single-label names.
You should not use single-label names to connect to services that use certificates, you should use the fully-qualified name that matches the certificate instead.
Solution 2:
Yes, is possible.
You need to create a certificate with two Subject Alternative Names (SAN) fields. One with "citrix" and the other with "citrix.contoso.com". I would keep the CN to citrix.contoso.com but have in mind that the CN field is ignored if your certificate has SAN fields. To create a certificate with SAN fields follow Microsoft instructions How to Request a Certificate With a Custom Subject Alternative Name