Required Multiple SSL certificate or SAN name update on VIP ?

Hi ,

Please help in clarify the below query.

I have a VIP which has servers (webfarm) used for re-direction of legacy website to new websites. Here multiple website are being re-directed to new websites.

Client side SSL Certificate attached to this VIP has www.abc.com & abc.com SAN name in it. CN: name is www.abc.com.

we see error below error, when user types https://www.xyz.com

" This server could not prove that it it www.xyz.com; its security certificate is from abc.com. This may be caused by a misconfiguration or an attacker intercepting your connection.

Proceed to www.xyz.com(unsafe)"

when user click to proceed, its is again redirecting to new website with no issue.

Here i wanted to get rid of SSL error which is obviously coming from VIP. I wanted to know, if SAN name update with www.xyz.com and xyz.com will solve the case or we need to have multiple certificate applied to VIP. I also checked something on SNI but i'm not aware on it much and never implement one.

It is like:

User ->https://www.abc.com->VIP(SAN: abc.com)-> No error.

User -> https://www.xyz.com-> VIP(SAN: abc.com)-> getting SSL error as mentioned above.

VIP has IIS servers in pool which do re-direction from legacy to other websites.

Please suggest.

Regards,

Raj