What you thought about HTTPS is wrong – Server Name Identification (SNI)
##What you thought
If you learnt about https and TLS 5+ years ago you might be carrying around a huge, incorrect, assumption that you must have one IP address per host name you needed support.It’s true, as implemented TLS does not permit the server to know what the hostname of the HTTP request. This prevents the handshake to establish communication to be completed as the server does not know what private certificate to present to the client. If it did attempt to use a default certificate then a hostname mismatch would be the result.
##SNI changes this
However an extension called Server Name Indication (SNI) exists which helpfully overcomes the problem by including the name of the server which a client is attempting to access. Most modern browsers, current version of cURL and tools support SNI with the only major browser exception been any version of IE under Windows XP. In a recently published patent filing by Microsoft they claim “The adoption of SNI across all clients is approximately 65%-75% as of September 2011″. Clearly as time progresses this number will undoubtedly rise.
Whilst you don’t want to be relying on SNI for e-commerce adoption is probably at a level which supports using it within some organisation where the access of some systems is by a handful of reasonably technically competent people or the clients accessing are know to support SNI.