Server name indication (SNI) allows you to serve multiple sites with different TLS/SSL certificates using a single IP address. Nginx has supported SNI for quite some time, and setting it up is easy: simply add server entries for the corresponding sites. There is one caveat: the server_name entry must come before the ssl_certificate entry in order for SNI to be activated:

    server {
        listen 443 ssl;
        server_name www.example.com;
        ssl_certificate www.example.com.crt;
        ...
    }
    server {
        listen 443 ssl;
        server_name www.example.org;
        ssl_certificate www.example.org.crt;
        ...
    }

is good, but

    server {
        listen 443 ssl;
        ssl_certificate www.example.com.crt;
        server_name www.example.com;
        ...
    }
    server {
        listen 443 ssl;
        ssl_certificate www.example.org.crt;
        server_name www.example.org;
        ...
    }

will serve the wrong certificate for www.example.org.
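
To audit an existing configuration for the ordering described above, here is an added example (not part of the original post, and not nginx's own tooling): a small Python check that reports every server block in which ssl_certificate is declared before server_name. The function name, the simplified parser (it assumes no braces, semicolons or '#' inside quoted values) and the sample configuration are constructed for illustration.

```python
import re

# Constructed sample: block 1 uses the recommended order, block 2 does not.
SAMPLE_CONF = """
server {
    listen 443 ssl;
    server_name www.example.com;
    ssl_certificate www.example.com.crt;
}
server {
    listen 443 ssl;
    ssl_certificate www.example.org.crt;  # certificate first
    server_name www.example.org;
    location / { root /var/www; }
}
"""

def cert_before_name(conf):
    """Names of server blocks where ssl_certificate precedes server_name."""
    conf = re.sub(r"#[^\n]*", "", conf)               # drop comments
    findings, stmt, depth, block = [], [], 0, None
    for tok in re.findall(r"[{};]|[^\s{};]+", conf):  # braces, ';', words
        if tok == "{":
            depth += 1
            if stmt == ["server"] and block is None:
                block = {"depth": depth, "order": [], "names": []}
        elif tok == ";":
            # Only directives directly inside the server block count.
            if block and depth == block["depth"] and stmt:
                if stmt[0] in ("server_name", "ssl_certificate"):
                    block["order"].append(stmt[0])
                if stmt[0] == "server_name":
                    block["names"] += stmt[1:]
        elif tok == "}":
            if block and depth == block["depth"]:
                order = block["order"]
                if (order and order[0] == "ssl_certificate"
                        and "server_name" in order):
                    findings.append(block["names"])
                block = None
            depth -= 1
        else:
            stmt.append(tok)
            continue
        stmt = []   # '{', ';' and '}' all end the current statement
    return findings

if __name__ == "__main__":
    print(cert_before_name(SAMPLE_CONF))
```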