The context:
I currently have a multitenant site (sub1.maindomain.com) and I am working on adding several other sites. Some of the new sites (sub2.maindomain.com, secdomain.com, ...) will probably also be multitenant.
I have certificates for each site I add, but only one IP address.
I'm working on Windows Server 2012, IIS 8.5.
The problem:
In order to allow multiple certificates I have to enable SNI in the https binding. Once I enable SNI for the multitenant site (therefore editing the hostname), subdomains are no longer recognized (therefore no multitenancy).
Changing/Renaming/Restructuring the sub1.maindomain.com domain is not a real option, since it's being used by active clients for hosted pages among other things.
So far:
I am considering a wildcard certificate on which I can have the domains for all sites (*.sub1.maindomain.com, *.maindomain.com, *.secdomain.com, ...), but I read that some browsers might have an issue with it and it is not recommended.
EDIT: It's been confirmed to me that I cannot consider the wildcard certificate option, mainly because of the price.
I have also tried using the Application Request Routing to solve the issue as described here, but so far it hasn't panned out.
From what I've tried so far I am either getting certificate errors in some or all of my sites, or "turning off" the multitenancy for the multitenant sites.
Any ideas on how to proceed?
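Added example, not part of the question and not anything the poster ran: a PowerShell script (WebAdministration module, IIS 8+) that creates the kind of SNI https bindings the question describes, attaches a certificate to each hostname, and then lists every https binding with its SslFlags so you can see exactly which host names are covered. The site names, host names and certificate thumbprints are placeholders that must be replaced.

```powershell
# Added example (not from the original post): create SNI https bindings and list them.
# Site names, host names and thumbprints below are assumed placeholders.
Import-Module WebAdministration

# Hostname -> (site name, certificate thumbprint). Replace with real values.
$sniBindings = @{
    'sub1.maindomain.com' = @{ Site = 'Sub1Site'; Thumbprint = 'REPLACE_WITH_THUMBPRINT_1' }
    'sub2.maindomain.com' = @{ Site = 'Sub2Site'; Thumbprint = 'REPLACE_WITH_THUMBPRINT_2' }
    'secdomain.com'       = @{ Site = 'SecSite';  Thumbprint = 'REPLACE_WITH_THUMBPRINT_3' }
}

foreach ($hostName in $sniBindings.Keys) {
    $entry = $sniBindings[$hostName]

    # SslFlags 1 = "Require Server Name Indication". An SNI binding is matched on
    # this exact host name, so a binding for sub1.maindomain.com does not catch
    # tenant1.sub1.maindomain.com; that is the behaviour the question runs into.
    New-WebBinding -Name $entry.Site -Protocol https -Port 443 `
        -HostHeader $hostName -SslFlags 1

    # Attach the certificate to the hostname:port pair.
    # The IIS:\SslBindings provider uses '!' as the ip!port!hostname separator.
    Get-Item "cert:\LocalMachine\My\$($entry.Thumbprint)" |
        New-Item -Path "IIS:\SslBindings\!443!$hostName" | Out-Null
}

# Check: show every https binding, the site it belongs to, and whether SNI is required.
Get-WebBinding -Protocol https |
    Select-Object @{ n = 'Site'; e = { $_.ItemXPath -replace ".*@name='([^']+)'.*", '$1' } },
                  bindingInformation, sslFlags |
    Format-Table -AutoSize
```

The final listing is the check to run before and after any change: bindingInformation shows the literal host name each certificate is served for, and sslFlags shows whether the binding requires SNI (1) or not (0). On IIS 8.5 a host name in a binding is matched literally; wildcard host names in bindings (for example *.maindomain.com) only became available with IIS 10 on Windows Server 2016, so on this server a tenant subdomain is only served by a binding whose host name is empty or matches it exactly.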