wildcard and multi-domain certificate support (n to n)

we kind of allow this implicitly now in HEAD.

Or rather, we don't enforce which domains they can be assigned to, so it is up to the admin to decide how he wants to associate them.
The access at the moment is based entirely on clients.

At the very least i'm going to put this as needs work.

these are supported.

can someone explain how this is done in aegir2?

I keep getting errors around needing to add more IP addresses

As SocialNicheGuru I have exactly the same problem on Aegir 2. I cannot use one key for all sites like I was able to on Aegir 1. This is a clean Aegir 2 install as upgrade from aegir 1.11 to Aegir 2.0 failed.

Upgrading from 6.04 to 6.x-2.x

Use case: Wildcard cert for example.org, and wish to provision new sites @ http://sitename.example.org. (Or I have a cert with subject altname.)

Aegir refuses to provision a second site and recycle the certificate unless the server has a free IP address. Using SNI I should be able to do this. (Noted, will not work for non-SNI browsers so no IE7+Windows XP or old Android clients.)

The notice and error messages from Aegir when trying to save the site are,

• Any changes will take effect once the scheduled Verify task has been processed.
• Task verify was added to the queue. Next queue run is 07:43:12+1300, server time is 07:42:57+1300.
• cleaning up unused certificate 0 associated with site 1185
• Site site1.example.org has been updated.

• (error)Unable to allocate IP address for certificate, disabling SSL. Allocate more IP addresses to this server then try to enable SSL again.

Check for this is in hosting_ssl_save_key() in web_server/ssl/hosting_ssl.nodeapi.inc, and hosting_ip_allocate() is in server/hosting.ip.inc

#2215789: Remove unique IP per SSL site requirement