I've got to allow a handful of users FTP into one of our web servers. We host about 5 websites on it, with nothing bind to the default. In other words, when you go to the IP, you don't get a response.
Does it matter what hostname is on my SSL certificate?
It depends on what you are trying to do with the certificate.
Each hostname needs its own SSL certificate. So any user trying to access xyz.com or abc.com with a web browser won't get a security warning. However, nobody said you have to use several different hostnames for FTP.
FTP is usually site agnostic and access to web folders are controlled by a username to home-folder mapping so it doesn't matter what hostname you use to connect, or if you just use the IP address. You can purchase an SSL certificate for a single hostname and just inform every user of that hostname to connect to FTP. i.e. Website1 = xyz.com; Website2 = abc.com; FTP address = ftp.mycompany.com. All three hostnames would resolve to the same IP address of the server.
It's also less important to have a valid certificate for FTP, so you could opt to just use a self-signed certificate. In this case, you could create an ftp.xyz.com and ftp.abc.com without having to purchase any SSL certs.
It's really up to you and what the exact scenario is and what "experience" you want your users to have.
