To be clear, this is an accurate description:
No, it's RouterOS. The whole thing is basically like an early alpha version that leaked out prematurely. It's fine as techdemo, but not actually usable yet. You can get one certificate, it works, and that's it. It doesn't even renew, at least not automatically.
Since one never know if things change, I just tested the on V7.8 with an expired cert. But everything here is manual. Since these things expire after 90 days, some practice here. I remove manually any old LE certs to be sure. And after the updating the cert, the internal web server doesn't always seems to use it right away, so you have to toggle the /ip/service of https and/or reboot in my experience after it updates the certificate. But the dns-names with multiple does produce the "2.5.29.17" with all of them in the LE certs. And you can see the /certificate/enable-ssl-certificate go through the validation step for EACH domain name in the CLI.
That being said, to @Sob point... When I care about TLS working publicly, I just pay for a wildcard one to get a longer expiration. But LE be fine in these cases – IF only just renewed automatically (and used DNS validation to avoid port 80). It is quite annoying. But the multiple names problem I ran into early, I like service-based DNS names (e.g. webfig.<fqdn>, sstp.<fqdn>, etc) – even only one router today, unwinding client to split these things up later is annoying.