Important notice: HTML5 client should be always first instance in the network chain, it plays the role of SSL decrypter.
Even if you decide to use third part web server like IIS/Apache the HTML5 instance should be still the SSL decrypter else no Websocket connectivity will be available (or you will have to setup IIS/Apache in reverse proxy mode if HTML5 should stay second instance). The HTML5 instance has to decrypt it to distinguish packets to be correctly forwarded.
Let’s assume you have 3 different domains pointing to same IP
my-domain.com (188.8.131.52 -> 127.0.0.1)
second.my-domain.com (184.108.40.206 -> 127.0.0.1)
some-domain.com (220.127.116.11 -> 127.0.0.1)
In order to serve different certificates according to the domain name do following.
1. create subfolder “multicerts” under “*\Clients\webserver\” folder like so “*\Clients\webserver\multicerts\“
2. rename approved *.jks files for example above
https://my-domain.com/ > ***\webserver\multicerts\my-domain.com.jks
https://second.my-domain.com/ > ***\webserver\multicerts\second.my-domain.com.jks
https://some-domain.com/ > ***\webserver\multicerts\some-domain.com.jks
(if you have multidomain certificate *.my-multidomain.com and you want to serve this certificate for all domains ending
with .my-multidomain.com inclusive my-multidomain.com then add leading point to jks certificates name as in example
https://****.my-multidomain.com/ > ***\webserver\multicerts\.my-multidomain.com.jks)
3. restart HTML5 in AdminTool GUI or reread configuration locally on server http://127.0.0.1/w0j3?cert.jks
In such case when ever you access
https://my-domain.com, https://second.my-domain.com or https://some-domain.com you will get different certificates served (however this requires SNI support by browser, but all modern browsers support it for longer time)
For other unrecognized (not in “multicerts” folder) domains the default *\Clients\webserver\cert.jks will be served.
This SNI feature makes sense only for authority signed certificates, for self signed certificates one such cert is enough, since it makes no sense to serve different self signed certificates.