I want to use a different certificate by connection profile. Is-it possible on ASA 8.4 ?
My first certificate is for vpn.itcom.fr associated to one connection profile and my second is for vpn.newitcom.fr associated to a second connection profile.
no, this is not possible (unless the 2 certificates are used on 2 different interfaces, but I guess that that is not what you want) - the reason for this is that the ASA needs to send a certificate to the client/browser when the SSL connection initiates, so before it gets the HTTP GET request (which contains the Host header indicating which hostname you are connecting to). So at that time the ASA would not yet know which of the 2 certs to send.
However, there is an alternative that you may find useful: you can create/request a single certificate that contains both hostnames (there can be only one in the Subject/DN, but you can have multiple SAN - Subject Alternate Name). There may be an additional cost associated with this if you are requesting the cert from a 3rd party CA.
To map a hostname to a connection profile (tunnel-group), you can configure a group-url per tunnel-group.
tunnel-group foo webvpn-attributes
(don't know off the top of my head if it should include the trailing slash - try without if it doesn't work).
This part should work regardless of the certificate - you'll just get a certificate warning if the hostname you connect to is not in the ASA cert.