If you are placing a load balancer in front of the SPS, are you terminating SSL at the load balancer?
If so, do you even need SSL again between the load balancer and the SPS.
Anyway, assuming that you do need SSL between the LB and the SPS (or if the LB is configured not to terminate SSL), then traditionally it was not possible to configure multiple SSL certificates when using name-based virtual hosts. However, this problem has been solved for a number of years now, using "Server Name Indication". There's a good article on this on the Apache httpd wiki.
According to the SPS documentation, it says that SSL for name based virtual hosts is not supported (scroll down to end of link). However, this appears now to be out of date, as it appears that the version of Apache that is shipped with the SPS does meet the pre-reqs for Server Name Indication SSL certs.
In the httpd-ssl.conf file, you probably have a default virtual host entry that begins with the following tag
<VirtualHost _default_:443>
You can add additional SSL vhost entries below that for name-based virtual hosts, as per the following example:
<VirtualHost *:443>
DocumentRoot "C:/Program Files (x86)/CA/secure-proxy/httpd/htdocs"
ServerName vhost1.demo.inc:443
ServerAdmin admin@demo.inc
ErrorLog logs/vhost1-ssl-error.log
TransferLog logs/vhost1-ssl-access.log
SSLEngine "on"
SSLProtocol All -SSLv3
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "C:/Program Files (x86)/CA/secure-proxy/SSL/certs/vhost1.crt"
SSLCertificateKeyFile "C:/Program Files (x86)/CA/secure-proxy/SSL/keys/vhost1key.pem"
# Certificate Authority (CA):
# For client cert authentication
SSLCACertificatePath "C:/Program Files (x86)/CA/secure-proxy/SSL/certs"
SSLCACertificateFile "C:/Program Files (x86)/CA/secure-proxy/SSL/certs/ca-bundle.cert"
SSLVerifyClient "none"
SSLVerifyDepth "10"
SSLOptions +StdEnvVars +ExportCertData
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "C:/Program Files (x86)/CA/secure-proxy/httpd/cgi">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
ssl-unclean-shutdown
CustomLog logs/vhost1_ssl_request.log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
It's just a copy of the default virtual host with the private key and cert updated, and the log file names updated.
I tested this in r12.52 SPS, and it works for me.
Hope this helps
Pearse