====== HTTPS Certificate is not properly selected on virtual hosts with some browsers ======

===== Reproductible cases =====
Visit a SSL/TLS enabled website that is hosted on a virtual host with any application that uses SSL/TLS, but that does not support [[https://en.wikipedia.org/wiki/Server_Name_Indication|SNI]]. The virtual host certificate does not include the default server host name. 

Here is a short list of platforms and clients that does not support SNI.

  * Internet Explorer on Windows XP/2003
  * Internet Explorer 7 on Windows Vista and higher.
  * Android default browser on 2.x
  * Safari on Windows XP
  * BlackBerry Browser
  * Windows Mobile up to 6.5
  * wget before 1.14
  * Java before 1.7
  * Any application that rely on the aforementionned browsers and/or engines.

===== Description of the problem =====

When accessing a webpage with a browser or a software listed above, a SSL error may be triggered. It warns that the certificate does not matches the server name, displaying the default host name instead of the virtual host name.

===== Solutions =====

Include the server default host name in a SubjectAltName field when creating the virtualhost certificate signature request.