I ran into this very same issue yesterday. I have 2 domains. In certs.godaddy.com, I made my primary domain the "owner" of the cert under "Change the site your certificate protects". It could be one.xyz.com for you. Then added my other domain as a san ,so two.xyz.com as a san.
The tricky portion for me was generating the right CSR. I was creating certs for my website under apache, so my process might be different from yours. However I found certificatetools.com very useful.
EDIT: I wanted to specify that I used only one certificate for all domains. It makes things a LOT easier to manage.