Actually, my clients login to my platform
Una cosa útil para saber es que "actual"/"actually" en Inglés quieren decir "verdadero/en verdad". "Current"/"currently" son mejores como equivalentes de "actual"/"actualmente" en Español.
You shouldn't need a different domain.
How is your DNS configured now?
There are three steps to think about for your configuration.
Step 1: Obtaining the certificate
The Let's Encrypt certificate can refer to one or more names. For each name covered by the certificate, your Let's Encrypt client software needs to prove that you control that name.
Currently, there are two practical ways to do this: either by creating a file on the web server or by creating a DNS TXT record.
For the file method, the inbound validation connection will arrive on port 80 of your server and so you must be able to create the appropriate file in the HTTP service on port 80, whichever software is providing that service.
For the DNS method, you normally need to have an API from your DNS provider that allows you to create DNS TXT records from software on your server. Some DNS providers have such APIs, and others don't.
Step 2: Applying the certificate
You'll need to configure both Apache and IIS to use the certificate. Both applications will need to listen on a different port for HTTPS than for HTTP. So, you'll need to have four different port numbers: HTTP for Apache, HTTP for IIS, HTTPS for Apache, and HTTPS for IIS (unless you want to completely stop offering unencrypted HTTP services for one or both of the services).
This may require converting the file format because the certificate format expected by IIS is usually different from the certificate format expected by Apache. You don't need to obtain separate certificates (even if the services are accessed using separate names, your certificate can be requested to apply to both names), but you do need to make copies in the appropriate file formats. People often use the openssl
program to perform these conversions.
You can configure the Apache server by editing configuration files (creating an HTTPS virtualhost), while you can configure the IIS server using its graphical interface (creating an HTTPS binding).
Step 3: Renewing the certificate
Let's Encrypt certificates only last for 90 days so an important challenge would be to create scripts that can repeat all of these steps automatically in order to obtain a new certificate. This might be a relatively complex task because Let's Encrypt client applications commonly offer integration with Apache, or integration with IIS, but not both. So your Let's Encrypt client application may not include functionality for updating the certificate in both server applications.
Hablo Español pero soy hablante no-nativo; tal vez sería útil también invitar a @sahsanu, que es hablante nativo y ya ayudó a muchos usuários aquí en Español.