I haven't seen too many discussion on this and most are stale so I thought I would put it out there again. We are in the process of upgrading from WC v9.1 M070to WC v10.1 M040. On a test v10 system, I followed PTC document # CS134592 and the WC 10.1 M040 Installation and Configuration Guide to setup Apache and Windchill for HTTPS. We are using an internally signed certificate.
After the installation and configuration, we're getting the double authentication; the first being Windchill and the subsequent being the Java applets. I opened a case with PTC and they claim there is not solution to this issue and recommended we just tell the users to check the "Save password" checkbox. Unfortunately, this seems to only work for the current session and IT has security concerns with saving passwords.
I'd be curious to know what other sites are doing and if anyone is using SSL with Apache? Any recommendation? Should we consider IIS?
IIS is not going to solve any problems you mentioned any more then apache.
What you should request from PTC is to avoid authentication on applets and track whose using the applet differently or better scrap java applets altogether. Not an immediate solution . You may consider setting disable preference for new document file upload to avoid using them as often. You could also try to use form based login instead in 10.1.