Purpose for the certs matters

This is a complex question because the answer is not so straightforward.
Two of the purposes for certificates are encryption and host validation. You can always use one cert for multiple domains and you will get the encryption part of this process. But the host validation will not be correct; for example, the cert is signed for 'mail.domain.com', so a request to 'mail.example.com' will not match the hostname, and will consequently trigger a warning. Assuming users ignore this warning, they will still get the encryption part of the TLS.
Getting a warning is no small thing. Many small-footprint clients will not even prompt on a warning; they will simply fail (this is common on mobile browsers). Additionally, many users are not sophisticated enough to understand what the warning means, so they will not proceed.
Considering you will also generate a warning with most self-signed certs, it may not be an issue if you were going to go this route anyway.
If, on the other hand, you want to purchase multiple certificates, I will tell you that configuring this is not so simple. Apache cannot do name-based virtual hosting with multiple certs, so if you want to go this route you will have to do IP-based virtual hosting, which gets much more involved (mapping multiple IPs to one NIC, etc.), and you will likely have to do a lot of surgery on the Zimbra Apache instance to make it work.
Last edited by Coilcore; 11-03-2006 at 12:05 PM..
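
The hostname mismatch described in the post above, as an added example that is not part of the original post: a simplified Python version of the name check a TLS client performs, showing which served hostnames validate against one certificate. It goes slightly beyond the post by also handling a left-most wildcard and a certificate carrying several names; the function names and the sample name lists are constructed for illustration.

```python
# Added illustration (not from the original post): simplified version of the
# hostname check a TLS client runs against the names in a certificate.

def hostname_matches(cert_name: str, hostname: str) -> bool:
    """Exact match, or one '*' standing for the whole left-most label."""
    pattern = cert_name.lower().rstrip(".").split(".")
    host = hostname.lower().rstrip(".").split(".")
    if len(pattern) != len(host) or "" in host:
        return False
    if pattern[0] == "*":
        # A wildcard covers exactly one label and needs at least two
        # fixed labels after it, so '*.com' never matches anything.
        return len(pattern) >= 3 and pattern[1:] == host[1:]
    # Partial wildcards such as 'ma*l' are not accepted in this sketch.
    return "*" not in cert_name and pattern == host


def check_served_hosts(cert_names, served_hosts):
    """Map each hostname served with one certificate to True (validates)
    or False (client shows a name-mismatch warning or refuses)."""
    return {
        host: any(hostname_matches(name, host) for name in cert_names)
        for host in served_hosts
    }


if __name__ == "__main__":
    # Constructed sample: one certificate reused for two mail domains.
    hosts = ["mail.domain.com", "mail.example.com"]
    for names in (["mail.domain.com"], ["*.domain.com"],
                  ["mail.domain.com", "mail.example.com"]):
        print(names)
        for host, ok in check_served_hosts(names, hosts).items():
            print(f"  {host}: {'ok' if ok else 'NAME MISMATCH'}")
```

A `False` result corresponds to the warning case in the post: the connection can still be encrypted if the client proceeds, but the host has not been validated.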