inn using two certificates

Bill Tangren bjt at aa.usno.navy.mil
Thu Aug 18 15:03:10 UTC 2005


I have an odd problem, and I don't know where the correct place to ask 
questions would be. So, pardon if this is not the correct place.

I have inn 2.4.1 running on a Linux box here at work. The server offers 
half a dozen or so private newsgroups, but no public ones. I am using 
xinetd to offer secure newsgroup access outside our firewall, and a 
standalone service for secure and unsecure access behind the firewall. 
Each access method has its own readers.conf tailored for its use. This 
Linux box has several names in DNS assigned for its single IP number. 
Many of the users here use Thunderbird to access the newsgroups.

It all works well, except for one thing: I have one cert set up for the 
server, using the most commonly used name for the server (A). If a user 
uses Thunderbird to set up newsgroup access using secure access, and he 
uses one of the other names for the server (B), then EVERY time they 
start their client, it (the client) tells them that server B has a 
certificate that contains the name A. This popup message is useful if 
you are accessing a non-trusted server, but it is annoying here. I have 
found no way to stop it.

Does anyone know how I might compile inn (or nnrpd) to use more than one 
certificate?

I have thought about setting up a third nnrpd service that uses a 
different secure port, but I have no control over the firewall, and 
cannot get another port open in it.

I have thought about turning off name resolution in nnrpd (-n) but I'm 
not sure this will help.

It would be easiest if I could get the users to not use server name B, 
but I may as well wish I could fly. Also, there are good reasons why a 
second server name is necessary, even to access the newsgroups.

Any thoughts?

Bill Tangren
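
The name check behind the popup described above, as an added example that is not part of the original post or of INN: the client compares the host name the user typed with the names inside the certificate. The host names and certificate contents are constructed, and the example goes one step beyond the post by also showing a single certificate that lists both names, or a wildcard, in its name fields.

```python
"""Host name check a TLS news client applies to the server certificate.

Added illustration. Host names and certificates below are constructed; the
dicts use the shape returned by Python's ssl.SSLSocket.getpeercert().
"""

def cert_dns_names(cert):
    """Names the certificate is valid for: dNSName SANs, else the subject CN."""
    sans = [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ())
            for key, v in rdn if key == "commonName"]

def name_matches(pattern, host):
    """Case-insensitive, label-by-label match; '*' only as the whole first label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False          # a wildcard covers exactly one label
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]   # refuse '*.org'-style patterns
    return p == h

def client_accepts(cert, host):
    """True when the client would connect without a name-mismatch warning."""
    return any(name_matches(name, host) for name in cert_dns_names(cert))

# Constructed stand-ins for server names "A" and "B" from the post.
NAME_A = "news-a.example.org"
NAME_B = "news-b.example.org"

# The situation in the post: one certificate carrying only name A.
CERT_ONE_NAME = {"subject": ((("commonName", NAME_A),),)}
# One certificate listing both names as subjectAltName entries.
CERT_TWO_NAMES = {"subject": ((("commonName", NAME_A),),),
                  "subjectAltName": (("DNS", NAME_A), ("DNS", NAME_B))}
# One wildcard certificate covering every host directly under example.org.
CERT_WILDCARD = {"subject": ((("commonName", "*.example.org"),),)}

if __name__ == "__main__":
    certs = (("one name", CERT_ONE_NAME), ("two names", CERT_TWO_NAMES),
             ("wildcard", CERT_WILDCARD))
    for label, cert in certs:
        for host in (NAME_A, NAME_B):
            verdict = "ok" if client_accepts(cert, host) else "MISMATCH"
            print(f"{label:10s} {host:22s} {verdict}")
```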

