by captn3m0 4145 days ago
Cloudflare has to issue a single SSL certificate that is shared across multiple sites. The cost of a certificate is not proportional to the number of alternative names in the certificate, and is a fixed cost.

As a downside to this, they have to use SNI, which is not supported in any IE+XP combination, along with a few older mobile browsers as well.

1 comments

You're mistaken; certs with multiple SANs don't make use of SNI. SNI is used (required) when you have multiple distinct certs. CloudFlare is not using SNI likely specifically because of the IE+XP issues (among others) that you point out.

Yeah, I got the two mixed up. SNI doesn't mean multiple hostnames on a cert. It means multiple certs on the same IP.

However, due to high costs behind getting IP addresses, CloudFlare does use SNI for its free tier. Its paid customers on the other hand get their own IP per hostname.
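
The SAN versus SNI distinction the thread settles on, as an added example that is not part of the original discussion: a small model of which certificate a server presents and whether the client's hostname check passes, for a client that sends SNI and one that does not. The hostnames, certificates and function names are constructed for illustration, and no real TLS handshake is performed.

```python
# Added illustration: models certificate selection and hostname checking only.
# No TLS is performed; hostnames and certificates are constructed sample data.
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Cert:
    sans: Tuple[str, ...]  # dNSName entries from subjectAltName


def san_matches(pattern: str, host: str) -> bool:
    """Exact match, or a '*.' wildcard covering exactly one left-most label."""
    pattern, host = pattern.lower(), host.lower()
    if pattern.startswith("*."):
        label, _, parent = host.partition(".")
        return bool(label) and parent == pattern[2:]
    return pattern == host


def select_cert(by_name: Dict[str, Cert], default: Cert, sni: Optional[str]) -> Cert:
    """Server side: SNI picks the cert; a ClientHello without SNI gets the default."""
    if sni is None:
        return default
    return by_name.get(sni.lower(), default)


def handshake_ok(by_name, default, host, client_sends_sni) -> bool:
    """Client side: the cert the server chose must list the requested host."""
    chosen = select_cert(by_name, default, host if client_sends_sni else None)
    return any(san_matches(p, host) for p in chosen.sans)


# Deployment 1: one shared cert listing every site as a SAN (no SNI needed).
SHARED = Cert(("a.example.test", "b.example.test"))
SHARED_SAN = ({}, SHARED)

# Deployment 2: one cert per site on the same IP (SNI required).
CERT_A, CERT_B = Cert(("a.example.test",)), Cert(("b.example.test",))
PER_SITE = ({"a.example.test": CERT_A, "b.example.test": CERT_B}, CERT_A)

if __name__ == "__main__":
    for name, (by_name, default) in (("shared SAN", SHARED_SAN), ("per-site", PER_SITE)):
        for sends_sni in (True, False):
            ok = handshake_ok(by_name, default, "b.example.test", sends_sni)
            print(f"{name:10} client_sends_sni={sends_sni!s:5} -> name check ok: {ok}")
```

Only the per-site deployment fails for the client that omits SNI, because that client is handed the default certificate, which does not list the host it asked for.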