Encrypting a certain port 9998

Letsencrypt is working for port 443, but the port 9998 is not secured. How can I secure the port?

To say, https://example.com is working but https://example.com:9998 is not secured.

Hi @allison9y,

You’ll need to share more information. What webserver are you using? How did you issue the certificate initially?

Hi @allison9y

global answer: If you want to use a certificate with a special port (port 5001, 8080 etc.), you have to do additional steps.

Sample: Your 443 port uses

        SSLCertificateKeyFile /etc/ssl.key/example.com.key
        SSLCertificateFile /etc/ssl.crt/example.com.crt

Then your port 9998 can use the same configuration -> a restart is required, if the 9998-server uses another binary.

1 Like

I am using AWS EC2 & Route 53. I used Let’s Encrypt following

https://certbot.eff.org/lets-encrypt/ubuntubionic-nginx, with sudo certbot --nginx.

Hope this helps.

Can I be more clear on that? I can get that 9998 port can use the same configuration like 443 but can it use the same certificate key and file? If I cannot, how can I issue a different certificate for the port?

    listen 443 ssl;
    listen 9998 ssl;
    SSLCertificateKeyFile /etc/ssl.key/example.com.key
    SSLCertificateFile /etc/ssl.crt/example.com.crt

Hope this question is valid.

Please share your configuration you have used to create the port 443 - certificate.


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

1 Like

New to encryption so I tried to generalize it. The configuration didn’t work so I am going to work around with proxy and a domain, which worked.

Anyway, thanks.

1 Like