Encrypting a certain port 9998

allison9y · June 12, 2019, 1:16pm

Letsencrypt is working for port 443, but the port 9998 is not secured. How can I secure the port?

To say, https://example.com is working but https://example.com:9998 is not secured.

cpu · June 12, 2019, 1:27pm

You’ll need to share more information. What webserver are you using? How did you issue the certificate initially?

JuergenAuer · June 12, 2019, 1:54pm

global answer: If you want to use a certificate with a special port (port 5001, 8080 etc.), you have to do additional steps.

Sample: Your 443 port uses

        SSLCertificateKeyFile /etc/ssl.key/example.com.key
        SSLCertificateFile /etc/ssl.crt/example.com.crt

Then your port 9998 can use the same configuration -> a restart is required, if the 9998-server uses another binary.

allison9y · June 13, 2019, 5:30am

I am using AWS EC2 & Route 53. I used Let’s Encrypt following

https://certbot.eff.org/lets-encrypt/ubuntubionic-nginx, with sudo certbot --nginx.

Hope this helps.

allison9y · June 13, 2019, 5:35am

Can I be more clear on that? I can get that 9998 port can use the same configuration like 443 but can it use the same certificate key and file? If I cannot, how can I issue a different certificate for the port?

    listen 443 ssl;
    listen 9998 ssl;
    SSLCertificateKeyFile /etc/ssl.key/example.com.key
    SSLCertificateFile /etc/ssl.crt/example.com.crt

Hope this question is valid.

JuergenAuer · June 13, 2019, 5:45am

Please share your configuration you have used to create the port 443 - certificate.

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

allison9y · June 14, 2019, 1:32am

New to encryption so I tried to generalize it. The configuration didn’t work so I am going to work around with proxy and a domain, which worked.

Anyway, thanks.

system · July 14, 2019, 1:32am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Which cert do I use for 443?	2	1587	December 21, 2015
Certificate on port 9000 (for websockets) Help	5	1428	April 13, 2022
Letsencrypt behind NAT different port Help	10	13584	January 3, 2018
SSL with specific port on Nginx server Server	7	10070	November 20, 2016
Generating letsencrypt ssl certificate for customised port Help	2	715	March 14, 2021

Encrypting a certain port 9998

Related topics