Can we use different port number for HTTPS than 443 in IIS?

 Yes, you can use a different port number for HTTPS than the default port 443 in IIS (Internet Information Services). However, keep in mind that using a non-standard port for HTTPS can be less convenient for users because they would need to include the port number in the URL when accessing your website.

To configure IIS to use a different port for HTTPS, follow these steps:

1. Open IIS Manager: Press Win + R, type inetmgr, and press Enter to open the Internet Information Services (IIS) Manager.

2. Select Your Website: In the Connections pane on the left, expand your server node, and then click on "Sites." Select the website for which you want to configure a custom HTTPS port.

3. Edit Bindings: In the Actions pane on the right, click on "Bindings."

4. Add HTTPS Binding: In the Site Bindings window, you should see an existing HTTPS binding on port 443. To add a different port, click the "Add" button.

5. Configure HTTPS Binding: In the Add Site Binding window, set the following values:

• Type: Select "https" from the dropdown.
• IP Address

To avoid the need to include the port number in the URL when accessing your website with a custom HTTPS port, you can use a reverse proxy server like Nginx or a load balancer to route traffic from the standard HTTPS port (443) to your custom port on the backend server (IIS). This way, users can access your website using the standard HTTPS port, and the reverse proxy or load balancer will handle the port translation behind the scenes.

Here are the general steps to achieve this:

1. Install and Configure a Reverse Proxy Server or Load Balancer:

   • Install a reverse proxy server like Nginx, Apache HTTP Server, or set up a load balancer like HAProxy.
   • Configure the reverse proxy or load balancer to listen on port 443 for incoming HTTPS traffic.

2. Configure Port Forwarding:

   • Set up port forwarding on your network router or firewall to forward incoming traffic on port 443 to the IP address and custom port of your IIS server.

3. Update DNS Records:

   • Ensure that your DNS records (e.g., A or CNAME records) point to the public IP address of your reverse proxy or load balancer.

4. Configure Reverse Proxy or Load Balancer Rules:

   • Create a configuration rule in your reverse proxy or load balancer to forward incoming HTTPS traffic to your IIS server's custom port.

   • For example, in Nginx, you would configure a server block like this:

     server {
         listen 443 ssl;
         server_name yourdomain.com;
         ssl_certificate /path/to/ssl/certificate.crt;
         ssl_certificate_key /path/to/ssl/privatekey.key;
     
         location / {
             proxy_pass http://your_iis_server_ip:custom_port;
             proxy_set_header Host $host;
             proxy_set_header X-Real-IP $remote_addr;
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         }
     }
     

5. Test Access: After configuring the reverse proxy or load balancer, test access to your website by visiting the HTTPS URL without specifying the custom port. Users should be able to access the site using a standard URL like https://yourdomain.com instead of https://yourdomain.com:custom_port.

By following these steps, you can ensure that users don't need to include the custom port number in the URL when accessing your website, while still allowing your IIS server to run on a non-standard HTTPS port for internal communication.