I have a Windows Server 2003 box already setup and working with IIS 6. IIS is set to serve a site out over both HTTP and HTTPS connections using default ports.
For various reasons I need to set Apache up on the same server and it needs to serve its pages to end-users as SSL encrypted HTTPS pages. Neither IIS or Apache are (or are ever likely to be) particularly high traffic or high usage.
The way I see it there are two possible ways this could be done.
Either export the SSL cert from IIS,set it up in Apache and get Apache to server the HTTPS connections itself over a non-default port.
Or use IIS to proxy Apache in some way over it's existing SSL security.
What is going to end up easiest to setup, configure, maintain and run? Which is going to work best? Has anyone done this sort of thing before? Any tips or things to look out for?
You could setup the IIS with a URL Rewriter that provides proxy functionality also, such as URLRewriter, and then configure IIS to proxy the requests for the Apache server based on a specific url mapping. Then you would need to configure Apache to only accept requests from the localhost to prevent direct connections to the Apache content. Lastly, configure your IIS to require IIS and you should be good to go...
Or, you could configure your IIS Server with two IP addresses, assigning IIS the first address and Apache the second address. (Don't forget about reconfiguring the IIS Server to split the port binding) Then you could simply use a different certificate for each website, as configured in the DNS resolution...