Server Name Indication

Server Name Indication (SNI) is an extension to the TLS protocol in which the client sends the host name it wants to reach in its ClientHello. This allows a server to present multiple certificates on the same IP address and port. In other words, multiple secure (HTTPS) websites can be served off the same IP address without requiring all those sites to use the same certificate.

See the RFC documentation at https://tools.ietf.org/html/rfc6066#page-6.


SNI in Digital Access

Before SNI was introduced, it was necessary to add one NIC (and additional listener for the Access Point) for each server certificate. Now, it is possible to use DNS mappings instead.

How to use it:

  1. Go to Manage System -> Certificates and add all the server certificates that you would like to use.

  2. Go to Manage Resource Access -> Global Resource Settings -> DNS Name Pool. For each DNS name in the server certificate(s), select 'Add DNS Name for Access Point...' and map the DNS name to a certificate. Note: a certificate can have one or more DNS names in subjectAltName. Common Name (CN) is only evaluated in a certificate if subjectAltName is not present (see https://tools.ietf.org/html/rfc2818#section-3.1).

  3. Go to Manage System -> Access Point and select a registered Access Point. The certificate selected here will act as a fallback certificate. If no DNS-to-certificate mapping can be found when a client connects with a DNS name that is not in the pool (or without SNI at all), then this certificate will be used. No additional listeners have to be added.
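The following added example (not Digital Access code, and not taken from the page) shows the two things the text above describes: how the SNI host name introduced in the first section is carried in a TLS ClientHello (RFC 6066), and how a DNS-name-to-certificate pool with a fallback certificate resolves it as in steps 1 to 3. The certificates are constructed dictionaries that model only subjectAltName and Common Name; the RFC 2818 rule that CN is evaluated only when subjectAltName is absent is applied when the pool is built. The ClientHello builder produces sample data with placeholder random and cipher-suite values.

```python
import struct

# Constructed sample "certificates" (not real X.509 objects): only the fields
# that matter for SNI selection are modelled.
CERT_A = {"id": "cert-a", "subject_cn": "portal.example.com",
          "subject_alt_names": ["portal.example.com", "login.example.com"]}
CERT_B = {"id": "cert-b", "subject_cn": "legacy.example.net",
          "subject_alt_names": []}  # no SAN, so the CN is evaluated (RFC 2818 3.1)
FALLBACK = {"id": "cert-fallback", "subject_cn": "accesspoint.example.org",
            "subject_alt_names": ["accesspoint.example.org"]}


def dns_names(cert):
    """DNS names a certificate is valid for: subjectAltName entries when present,
    otherwise the Common Name alone (RFC 2818 section 3.1)."""
    if cert["subject_alt_names"]:
        return [n.lower() for n in cert["subject_alt_names"]]
    return [cert["subject_cn"].lower()]


def build_dns_name_pool(certs):
    """Map each DNS name to the certificate that covers it (the 'DNS Name Pool').
    The first certificate registered for a name wins."""
    pool = {}
    for cert in certs:
        for name in dns_names(cert):
            pool.setdefault(name, cert)
    return pool


def build_client_hello(host_name):
    """Construct a minimal TLS 1.2 ClientHello record with an SNI extension.
    Sample data: the random and cipher-suite list are placeholders."""
    name = host_name.encode("ascii")
    entry = b"\x00" + struct.pack("!H", len(name)) + name        # name_type 0 = host_name
    server_name_list = struct.pack("!H", len(entry)) + entry
    sni_ext = struct.pack("!HH", 0x0000, len(server_name_list)) + server_name_list
    extensions = struct.pack("!H", len(sni_ext)) + sni_ext
    body = (b"\x03\x03" + bytes(32)                 # client_version, random (placeholder)
            + b"\x00"                               # session_id length 0
            + struct.pack("!H", 2) + b"\xc0\x2f"    # one cipher suite (placeholder)
            + b"\x01\x00"                           # one compression method: null
            + extensions)
    handshake = b"\x01" + struct.pack("!I", len(body))[1:] + body  # type client_hello, 3-byte length
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def extract_sni(record):
    """Return the lower-cased SNI host_name from a ClientHello record, or None."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if not hs or hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    pos = 4 + 2 + 32                                        # handshake header, version, random
    sid_len = hs[pos]; pos += 1 + sid_len                   # session_id
    cs_len = struct.unpack("!H", hs[pos:pos + 2])[0]; pos += 2 + cs_len   # cipher_suites
    cm_len = hs[pos]; pos += 1 + cm_len                     # compression_methods
    if pos + 2 > len(hs):
        return None                                         # no extensions block at all
    ext_len = struct.unpack("!H", hs[pos:pos + 2])[0]; pos += 2
    end = pos + ext_len
    while pos + 4 <= end:
        ext_type, elen = struct.unpack("!HH", hs[pos:pos + 4]); pos += 4
        data = hs[pos:pos + elen]; pos += elen
        if ext_type != 0x0000:                              # 0 = server_name (RFC 6066)
            continue
        lpos = 2                                            # skip server_name_list length
        while lpos + 3 <= len(data):
            name_type = data[lpos]
            nlen = struct.unpack("!H", data[lpos + 1:lpos + 3])[0]
            name = data[lpos + 3:lpos + 3 + nlen]
            lpos += 3 + nlen
            if name_type == 0:
                return name.decode("ascii").lower()
    return None


def select_certificate(record, pool, fallback):
    """Pick the certificate for an incoming ClientHello: the pool mapping for the
    SNI name if one exists, otherwise the Access Point's fallback certificate."""
    sni = extract_sni(record)
    if sni is not None and sni in pool:
        return pool[sni]
    return fallback


if __name__ == "__main__":
    pool = build_dns_name_pool([CERT_A, CERT_B])
    for host in ("login.example.com", "legacy.example.net", "unknown.example.com"):
        chosen = select_certificate(build_client_hello(host), pool, FALLBACK)
        print(f"{host:24s} -> {chosen['id']}")
```

Running the block resolves the two pooled names to their certificates and an unknown name to the fallback, which is the behaviour step 3 describes. The lookup is exact and case-insensitive; wildcard names in subjectAltName are not handled here, so any certificate relying on them would need its concrete host names added to the pool.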