IIS LAN and WAN separate SSL certificates for the same server

ssl-certificate local-area-network iis windows-server-2012-r2 wide-area-network

Solution 1:

You can use single public certificate for both, external and internal clients. There is no need to use separate certificate for internal clients. Keep things simple.

Solution 2:

You can't use different certificates for the same website (*). Use a public certificate, internal clients will trust it just fine.

(*) There are workarounds, but they are quite cumberstome and you shouldn't use them unless absolutely required.

Solution 3:

I would agree with the other comments that if a simpler setup works for you, go simple. But to answer your original question, you can have multiple site bindings - you would setup one with the internal IP address and internal certificate, and another with the external/DMZ IP and public certificate. I would also suggest defining a host name per binding and selecting the Require SNI checkbox (not checked below but should be).

IIS Site Bindings, https selected

Related

How to make in SSH private key from one line, three lines [closed]
What differences are between a NAS, a shared disk file system on a SAN, and a distributed filesystem?
Ubuntu 20.04 minimal: "Unable to locate package python-pip"
.class specific search and replace
Level 47 dweller disappeared while exploring the wasteland
Why can some game updates be applied automatically and some require download? [closed]
How do powerups and pickups stack up in Temple Run 2?
Star Wars Battlefront: Do healing streaks increase your trait card level?
Notepad++ and Dreamweaver - Tab Conversions
cross-hair problem when viewing as a third person
Same game doubly shared on Steam
Cannot find pip on PowerShell