So, I have an app on one server that I've configured to have SSL. However, it makes a bunch of API calls to another one of my servers, but that server has more than one service and no SSL. I know for a fact that if I add SSL to the second server, a lot of the apps on it will break and I don't want to have the downtime of those apps/webpages. The first server isn't in production yet, but the second one is and has multiple pages/apps.
My setup is basically this:
First server:
superwebpage.coolexample.com
and this ^ server (with SSL) makes API calls to api from the server (without SSL) below:
myweb.example.com/api
myweb.example.com/app2
myweb.example.com/anotherimportantwebpage
myweb.example.com/importantwebpage
However, my application from the first server is obviously breaking because all of the API calls aren't secure and I just get a bunch of mixed content warnings.
The reason server 2 doesn't have SSL is because I just didn't need it because no important information is being transferred until now.
My question, broadly, is what are my options? I want to avoid taking the second server down for however long it's going to take to fix all the errors that'll occur from each app/webpage that I have up on the server. I also want to have SSL on the first server because users will be logging in with passwords.
More specifically, can I make just that one folder serve https without affecting the other folders? I think that'd fix the problem, but I'm not sure it's possible.
