Neil Harris wrote:
You will need one IP address per HTTPS server name, since you cannot virtual-host HTTPS: however, there's nothing to stop a single machine from having as many IP addresses as desired, and thus as many HTTPS servers as desired. This also means that load-balance cannot "look into" the encrypted HTTPS connection to see where to send the traffic to: it will have to go by the destination IP address. However, HTTPS can still be load-balanced, you just need a different external IP address for each visible service, and one internal IP address for each HTTPS service on each server within the load-balancing cloud.
HTTPS does support virtual hosting. You can have certificates with wildcards, e.g. *.wikipedia.org, and you can even have certificates that list multiple second-level domains. In theory we could even support https://en.wikipedia.org/, by having LVS pass the traffic off to an SSL proxy cluster, which forwards to the Florida squids via a secure tunnel.
-- Tim Starling