Yes, setting up Portal and federating with your existing Server will be a good way to integrate the security models between items and services.
In regards to your other questions:
I watched ESRI UC workshops (2016) and read a few articles that stated I need 2 web adapters? 1 for Server and 1 for Portal? The ArcGIS Server is currently using SSL cert on the web-adapter;
do I need to purchase a new SSL Cert for Portal?
You will need two web adaptors, one for Portal and one for Server. They can exist on the same web server machine, (just name the new one differently from the Server one). Since they'll exist on the same web server, you don't need a new SSL cert as the existing one will be used for the new web adaptor.
I also read its ideal to have server and portal on separate machines for isolation which is not a problem but will this cause issues with the web-adapters?
If your machine is large enough to run both Portal and Server, there's no problem putting Portal on the same machine as Server. There are arguments both ways, though. If you have everything on one machine, if the machine goes down, all components go down. If you separate components and the Portal goes down, that's the authentication mechanism for secure services, so those services won't be accessible, but non-secured ones will be. If Server goes down, you can still access webmaps and web apps and all services not running on the Server will display.
To wrap up, it's up to you:
1) You can install the Portal on another machine, the new web adaptor on the existing web server machine, and then use your existing certificate and register the new web adaptor with the Portal.
2) You can install Portal on the other machine, install the web adaptor on that machine, and then you'll need to acquire a new certificate for the new web server.
3) You can put everything on one machine. You won't need a new certificate in this case.