20-Jan-2022 02:46
Hi all,
I have a VS which clients access using both FQDN and IP, and I need it to be HTTPS.
I have a legitimate cert for the FQDN (wildcard) and I've created a certificate for the IP address using a CA we have in-house.
I've also included SAN values for DNS and IP in this cert.
When I attach each certificate individually to the VS and try to access it accordingly, everything works fine, so I know the certs are legit.
When I put both certs in the VS and configure their SSL profile with Default SNI and ServerName, it also selects the FQDN cert, even if the client accesses it using the IP address.
Any suggestions why this happens?
Using version 14.1.4.5.
Thanks!
26-Jan-2022 02:49
Check the bug tracker, but your setup is strange, as the idea behind SNI is for the same server IP address to be used by a server that hosts different domains:
https://support.f5.com/csp/bug-tracker?sf189923893=1
https://community.f5.com/t5/technical-articles/how-to-troubleshoot-sni/ta-p/281658
Also, is the wildcard cert the default SNI cert? Do your clients support SNI (for certificates that are not using the IP address, do the clients match them correctly and only the one with the IP address is having issues)?