ssl asp.net-core https ssl-certificate identityserver4

Two Certificates when using Identyserver4 with asp.net core webserver?

I am going hosting an webserver and an api with the same application over asp.net core. I am using Identyserver4 to secure the API connections. Do i need a seperate Certificate for the https asp.net core website and the identityserver4?

Solution

You need at least two separate certificates. The difference is that your SSL cert must be bound to the host name and trusted for everyone accessing your server, while the signing certificate does not have any special requirements.
See this article for further reference and this question as a proof link.
It's not clear from your explanation where you host your main ASP.NET Core web site. If that's another host than where your IdSrv lives, than you need the third(!) cert to enable SSL there too.

Received fatal alert: bad_certificate
Composer Curl error 60: SSL certificate problem: unable to get local issuer certificate
Reason to disable CSRF in spring boot
Composer : SSL certificate problem: unable to get local issuer certificate
Unable to verify leaf signature
Java Keytool error after importing certificate , "keytool error: java.io.FileNotFoundException & Access Denied"
SSL, Connection is not secure
kubectl unable to connect to server: x509: certificate signed by unknown authority
Cannot figure out why DTLS handshake does not complete
file_get_contents(): SSL operation failed with code 1, Failed to enable crypto
How to Check Subject Alternative Names for a SSL/TLS Certificate?
Self-Signed CA Certificates Rejected by Android
AWS Java SDK SSL Certificates
How to use awx cli?
nodejs environment variable "NODE_EXTRA_CA_CERTS"
How to connect to MongoDB with certificate using DataGrip?
Insomnia : Error: SSL peer certificate or SSH remote key was not OK
AWS EC2 Spring Boot Deployment - SSL/HTTPS Error after Configuring Route 53, ACM, and GoDaddy
Resolving javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed Error?
Implicitly trust SSL certificates in iOS app for private API
Protecting against MitM (https) seeing password with encryption using included pub. key in iOS/Android app
Docker not able to pull images behind proxy TLS handshake timeout
How come I can make SSL connections to AWS Postgre RDS, when the ca certificate already expired?
HTTP to HTTPS Nginx too many redirects
curl error 60 while downloading https://repo.packagist.org Certificate issue on Ubuntu?
nginx the "ssl" directive is deprecated, use the "listen ... ssl"
How to install OpenSSL in windows 10?
How to enable TLS for Redis 6 on Sidekiq?
SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
Can't send client certificate via SslStream