You can contact the CA and ask if they'll add a private domain, but the answer is likely no.
Keep in mind that the RADIUS server certificate for 802.1X does not have to be a real DNS name.
You could do auth.public-domain.com even though that may not exist in DNS. It is simply presented to the user to verify the server's identity.
The other option is to use a private cert and distribute the CA cert to clients.
Thanks,
Tim