A few weeks ago we enabled Server Name Indication (SNI) on all of our servers.

SNI allows you to use an SSL certificate for your secure site (https) without having to buy a dedicated IP address.

It works by having the browser send the hostname as part of the initial handshake so the webserver knows which certificate to use even if multiple certificates are used on the same IP address.

Note however that while SNI is supported by most modern browser some older browsers (notably all versions of Internet Explorer on Windows XP) don’t support it. If you choose to use SNI and someone visits your secure site with a browser that doesn’t support SNI they will receive our default certificate and their browser will display a certificate-mismatch warning.