SSL only works with a specific IP address, a specific host header value, and a certificate. All three of those have to match in order for the packets to be considered “secure”.
IIS has to know what IP address *specifically* to use for the SSL portion.
Without SSL, IIS can just willy-nilly accept packets on whatever old IP address and process it. But with SSL, the IP address comprises a significant portion of the protocol.
An SSL certificate is only good with one domain name/hostname, and one IP address. It’s the way the protocol is designed.
IE, you can’t have somehost.domain.tld and someotherhost.domain.tld both secured with the same SSL certificate. Each must have it’s own IP address and domain name and separate SSL cert.