I use the opposite scenario: IIS is both the web server and reverse proxy (for OpenSuse). I have a single IP (dynamic) and multiple web sites on a single certificate installed on the Windows server. IIS handles all redirections to SSL from port 80 and matching site headers.
Having an additional layer seems like it’s adding complications, but maybe your configuration is better served by it.