We have a site http://www.name1.domain.com for which we successfully created and implemented an SSL cert. We then added another site, http://www.name2.domain.com, and are seeing some strange behaviour in IE7 and IE8 (surprise!).
Basically, IE7,8 reports a mismatch of host name when we go to https://www.name2.domain.com/ . When I add and view this cert in IE for this domain, the host name is incorrect, but belongs to the older host name, i.e., http://www.name1.domain.com.
Firefox doesn’t have this issue, and picks up correct host name http://www.name2.domain.com for the second site without issue.
Any ideas why IE is misbehaving (apart for the sassy ones (-: ) ?
Your problem is that Internet Explorer on Windows XP (and probably other software as well) is not SNI capable.
I’ve just ran into the same problem – basically Firefox and Chrome are ok and get the correct certificate, but Internet Explorer does not. Then I’ve looked it up a bit and saw this on Wikipedia, among other things:
So, your apache/openSSL combo is SNI capable and can do this, but Windows XP is not.
My solution is that I’m putting the primary subdomain first in the VirtualHost configuration, and the secondary less. At least there is less explanation to clients on why this pops up.
I don’t know if it would work for you though.