I don't have multiple sites, but while configuring IHS this weekend (also to address POODLE...) I came across info that may help you.  Go to this URL and download the PDF presentation from IBM (Open Mic Webcast: Implementing TLS support with IBM Domino 9.x and IBM HTTP Server (IHS) - 19 November 2013 (Q&A, presentation, audio recording))

http://www-01.ibm.com/support/docview.wss?uid=swg27039743

It has a section starting on page 16 of the presentation that has info about configuring the IHS with multiple internet docs.  Plus lots of other good stuff.

Boy, I agree with you about the "long way" to getting the SSL keyfile into IHS.  I ran the special method described by Darren Duke (here: http://blog.darrenduke.net/darren/ddbz.nsf/dx/exporting-domino-ssl-keyfiles-to-another-format-for-use-with-ihs-.htm) to convert my existing Domino kyr keyring file into the IHS format, and it involved having to run the special IBM Key Management pgm on a Win 7 machine with XP mode in order to even get the program to run.  I hate blindly following a step-by-step recipe without knowing what is behind it, but in this case I made an exception.  SSL certs are still way too esoteric  and quirky in their actual implementation to feel comfortable.  As a friend of mine says: how do SSL certs work? Magic.

Hello Mark,

thank you for response!

I had taked the same description by Darren Duke and mod the gsk5-version of ikeyman on a 32bit win7 machine. I have no idea why this doesn't work with the ikeyman, which comes out with the ihs server on the  domino machine...

The pdf is very interesting. I have made some test with this manual, but after all i get the same message from my server. My current settings are:

# To enable ssl, uncomment and add/change the
# appropiate directives

Listen 0.0.0.0:443
## IPv6 support:
#Listen [::]:443
<VirtualHost 192.168.1.34:443>
ServerName www.myserver.com
SSLServerCert myservernameinthekeydatabase
SSLEnable
#SSLClientAuth optional
SSLProtocolDisable SSLv2
SSLProtocolDisable SSLv3
#Enable debug for ssl default ssl port
#LogLevel debug
</VirtualHost>
KeyFile C:/KeyDatabase/key.kdb
SSLDisable
# End of example SSL configuration

It works even if i take the correct IP adress (only one is installed) or if i set this to "*". The server response is - encrypted with tls 1.2 - this:

Http Status Code: 500

Reason: HTTP Server: No matching Web Site, unable to process request

Has anybody any idea, how i can match the domain between the ihs and domino? Are there any switches in the domino directory to set? Thanks!

UPDATE 10:50 CET+1: I got it! And the solution was "load updall names.nsf" / "restart server" ... Grrr ... so what ... the main thing is, that is works :-)

OK, the next question:

Now i have set the second virtual server to the domino.conf file. The log from the ihs tells me the following:

.....

OK found it... i need one separate IP for every virtual server using ssl.

http://www-01.ibm.com/support/docview.wss?rs=177&uid=swg21045922