I have a webserver i would like to deploy with multiple SSL certificates installed for a number of different domains.
Currently I have it working with a distinct certificate for each domain needing to be secured (currently 2). My problem is when connections are made from Internet Explorer clients running windows xp. Since these OS/browser combinations do not support SNI the browser rightfully throws a certificate mismatch error because it serves up the root certificate for the webserver which was just a self signed test certificate.
Would using a SAN certificate issued to both domains (as well as others for future use) installed on the root domain for the webserver solve these problems? Could I then not have to renew the current single site certificates, and strictly use the SAN moving forward installed at the root and for any other of the domains listed in the SAN
Any insight would be appreciated.