encyclo - 2:32 am on Jan 3, 2013 (gmt 0)
Thanks for the reply, the server has the latest version of OpenSSL (1.0.1c) and no cPanel to worry about, so I have no issues regarding setting it all up (well, the hosting company can do it!). I just hate the frivolous use of dedicated IPv4 addresses. I have access to plenty of IPv6 addresses, but the forum CMS doesn't support IPv6, let alone my users :)
I've checked the stats for the site in question, and there are only about 5% of visitors using the problematic IE/XP combination - and I'm guessing that not all of those users would chose the secure site.
I think I'm going to go ahead and try it out using SNI. I assume that XP/IE users would get a certificate error with a red address bar, like with a self-signed cert?