SSL cert on same domain?!
February 8th, 2013, 04:26 PM
Contributing User
SSL cert on same domain?!
My host company Servage seem to say that they cannot host an SSL certificate on the same domain.
For example, if you have a site www.mysite.com, the SSL cannot also be active for www.mysite.com... something to do with the DNS.
They say I have to have http on http://www.mysite.com and https on https://mysite.com.
WTF!
Almost every site on the internet has SSL for the same domain that it is operating on, doesn't it?
Last edited by qwertyjjj : February 8th, 2013 at 04:34 PM.

February 8th, 2013, 05:38 PM
Lost in code
Technically www.mysite.com and mysite.com are not the same domain. Usually only very large websites have certificates on both. Until recently, even Amazon did not have a valid certificate on both.
If you want to have HTTPS at both addresses, you can either buy a separate certificate for each, or you can buy a wildcard certificate that covers both. Your host is correct that a normal single domain certificate will not work for both. That is by design, and there's nothing the host can do about it.

February 8th, 2013, 06:05 PM
Still alive
They weren't saying that www.yoursite.com cannot be both HTTP and HTTPS. It totally can. They were saying that www.yoursite.com and yoursite.com (no "www") cannot - at least not with the same certificate.

February 9th, 2013, 03:44 AM
Contributing User
Quote: Originally Posted by requinix
They weren't saying that www.yoursite.com cannot be both HTTP and HTTPS. It totally can. They were saying that www.yoursite.com and yoursite.com (no "www") cannot - at least not with the same certificate.

The problem seems to be this in the DNS they have:
*.mysite.com A pointing to 71.xx.xx.xxx
mysite.com A pointing to 71.xx.xx.xxx
www.mysite.com A pointing to 78.xx.xx.xxx
The www now has the SSL cert, which is why it points to a different IP.
So, doesn't this mess up my site? If a user goes to http://www.mysite.com, it's going to pick up the wrong DNS entry?

February 9th, 2013, 09:31 AM
Lost in code
If a user goes to www.mysite.com it's going to send the request to the IP 78.xx.xx.xxx. Whether that's wrong or messes up your site isn't something I can answer. If your site is working correctly, then it's not wrong. If your site isn't working correctly, then it might be wrong.

February 9th, 2013, 10:30 AM
Contributing User
Quote: Originally Posted by E-Oreo
If a user goes to www.mysite.com it's going to send the request to the IP 78.xx.xx.xxx. Whether that's wrong or messes up your site isn't something I can answer. If your site is working correctly, then it's not wrong. If your site isn't working correctly, then it might be wrong.

The 78 is the shared SSL. In other words, I will not be able to access my site on http://www.mydomain.com because the DNS will never pick it up.

February 9th, 2013, 12:03 PM
Lost in code
You can't have separate DNS entries for HTTP and HTTPS. DNS only operates at the domain name level; it can't deal with ports or services at all.
A web server that is configured to serve HTTPS traffic is nearly always configured to serve HTTP traffic too.
Given the way your DNS records are set up, I would expect 78.xx.xx.xxx and 71.xx.xx.xxx to be the same physical server. I would also expect http://mysite.com/, http://www.mysite.com/ and https://www.mysite.com/ to all serve the same content. The first would resolve to the 71 address, and the latter two would resolve to the 78 address.
However, the fact that you say "shared" SSL is a potential red flag. When a host refers to SSL as being "shared" it means there are some caveats to the way the system is set up that make it not operate like a standard SSL setup. Often the caveat is that you have to access the secured site over the host's domain name (so that you don't have to buy your own certificate), although there is no official technical definition of "shared" SSL so it could mean whatever the host wants it to mean.
What actually happens right now when you try to visit http://www.mydomain.com/? Do you get a 404 page? Does the connection time out?

February 10th, 2013, 05:43 AM
Contributing User
Quote: Originally Posted by E-Oreo
You can't have separate DNS entries for HTTP and HTTPS. DNS only operates at the domain name level; it can't deal with ports or services at all.
A web server that is configured to serve HTTPS traffic is nearly always configured to serve HTTP traffic too.
Given the way your DNS records are set up, I would expect 78.xx.xx.xxx and 71.xx.xx.xxx to be the same physical server. I would also expect http://mysite.com/, http://www.mysite.com/ and https://www.mysite.com/ to all serve the same content. The first would resolve to the 71 address, and the latter two would resolve to the 78 address.
However, the fact that you say "shared" SSL is a potential red flag. When a host refers to SSL as being "shared" it means there are some caveats to the way the system is set up that make it not operate like a standard SSL setup. Often the caveat is that you have to access the secured site over the host's domain name (so that you don't have to buy your own certificate), although there is no official technical definition of "shared" SSL so it could mean whatever the host wants it to mean.
What actually happens right now when you try to visit http://www.mydomain.com/? Do you get a 404 page? Does the connection time out?

I get a "the server is redirecting in a way that cannot complete" error.
Some kind of loop that WordPress must be doing, to do with sessions or other.

February 10th, 2013, 09:29 AM
Lost in code
Try testing it with just a plain .html file so you can rule out or rule in problems with WordPress. But yes, I agree that it's probably a problem with WordPress.

February 10th, 2013, 12:17 PM
Contributing User
What is the correct way to set up the DNS so that
http://www.mysite.com goes to IP 71.xx.xx.xxx
and https://www.mysite.com goes to IP 78.xx.xx.xxx?
Current DNS:
*.mysite.com A pointing to 71.xx.xx.xxx
mysite.com A pointing to 71.xx.xx.xxx
www.mysite.com A pointing to 78.xx.xx.xxx

February 10th, 2013, 02:49 PM
Lost in code
Quote:
What is the correct way to set up the DNS so that
http://www.mysite.com goes to IP 71.xx.xx.xxx
and https://www.mysite.com goes to IP 78.xx.xx.xxx?

It is impossible to do that. There is no way to configure DNS so that HTTP goes to one IP and HTTPS goes to a different IP.
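
Added example, not part of the original thread: a small Python model of the two checks discussed above, showing that an A-record lookup is keyed on the host name alone (the URL scheme never reaches DNS) and that a certificate matches only the names it lists. The zone is constructed to mirror the records quoted in the thread, with documentation-range IPs standing in for the masked 71.xx and 78.xx addresses; `resolve`, `cert_covers` and `describe` are hypothetical helper names, and the wildcard handling is simplified.

```python
from urllib.parse import urlsplit

# Constructed zone mirroring the records quoted in the thread. The thread masks
# the real addresses, so documentation-range IPs stand in for them.
ZONE = {
    "*.mysite.com": "192.0.2.71",        # stands in for 71.xx.xx.xxx
    "mysite.com": "192.0.2.71",          # stands in for 71.xx.xx.xxx
    "www.mysite.com": "198.51.100.78",   # stands in for 78.xx.xx.xxx
}

def resolve(hostname, zone=ZONE):
    """A-record lookup keyed on the name alone: exact record first, then wildcard."""
    name = hostname.lower().rstrip(".")
    if name in zone:
        return zone[name]
    labels = name.split(".")
    for i in range(1, len(labels)):      # simplified wildcard walk-up
        wildcard = "*." + ".".join(labels[i:])
        if wildcard in zone:
            return zone[wildcard]
    return None

def cert_covers(hostname, cert_names):
    """RFC 6125-style match: '*' stands for exactly one leftmost label."""
    host = hostname.lower().rstrip(".").split(".")
    for pattern in cert_names:
        pat = pattern.lower().split(".")
        if len(pat) == len(host) and pat[1:] == host[1:] and pat[0] in ("*", host[0]):
            return True
    return False

def describe(url, cert_names):
    """Return (host, resolved IP, certificate match or None for plain HTTP)."""
    parts = urlsplit(url)
    host = parts.hostname
    # The scheme and port never reach the DNS query; only the host name does.
    ip = resolve(host)
    covered = cert_covers(host, cert_names) if parts.scheme == "https" else None
    return host, ip, covered

if __name__ == "__main__":
    single = ["www.mysite.com"]          # constructed single-name certificate
    for url in ("http://mysite.com/", "http://www.mysite.com/",
                "https://www.mysite.com/", "https://mysite.com/"):
        print(url, describe(url, single))
```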

February 11th, 2013, 03:18 AM
Contributing User
Quote: Originally Posted by E-Oreo
It is impossible to do that. There is no way to configure DNS so that HTTP goes to one IP and HTTPS goes to a different IP.

But this is how the hosting company propose to set up the DNS.
Perhaps the SSL goes through a reverse proxy type setup?

April 3rd, 2013, 01:51 AM
Contributing User
Quote: Originally Posted by E-Oreo
Technically www.mysite.com and mysite.com are not the same domain. Usually only very large websites have certificates on both. Until recently, even Amazon did not have a valid certificate on both.
If you want to have HTTPS at both addresses, you can either buy a separate certificate for each, or you can buy a wildcard certificate that covers both. Your host is correct that a normal single domain certificate will not work for both. That is by design, and there's nothing the host can do about it.

I do agree with E-Oreo that mysite.com and www.mysite.com are totally different. But that does not mean you have to buy a wildcard SSL or multi-domain SSL certificate. You simply buy a domain SSL certificate from GeoTrust and RapidSSL; bear in mind to buy the SSL for www.mysite.com, not for mysite.com.
A dedicated IP address is required to secure your www.mysite.com and mysite.com with a RapidSSL certificate or GeoTrust QuickSSL Premium certificate. So you need the same IP address for both domain names, like:
mysite.com: 71.xx.xx.xxx
www.mysite.com: 71.xx.xx.xxx
__________________
SSLMatrix - Leading SSL Certificate provider.