I have a Windows 2012 server with IIS & Tomcat running on port 80 & 8080 respectively.
I want to make the web applications running on both the Web servers SSL enabled.
Since both are running on the same server, would it be possible for me to get one certificate per server and install it on both the web apps?
Best Answer
It is possible to install the same certificate on both IIS & Tomcat. The same certificate could also be installed on several different servers, e.g. for regionally located servers for the same domain. The only requirement is that the Common Name of the certificate (or one of the Subject Alternative Names on SAN certificates) matches the server's hostname (on HTTP Host: header, i.e. address bar). In this kind of setup you could have IIS listening on default HTTPS port 443 and Tomcat on alternate 8443.
If you wish to be able to access both on default port 443, you can use IIS as a Reverse Proxy. In this scenario, IIS takes care of the TLS, so you can use the existing HTTP Connector on port 8080 internally (possibly binding it only to localhost) without encryption and only install the certificate on IIS.