I am not sure how to open port 443 on the server for SSL.
When I run sudo lsof -iTCP -sTCP:LISTEN -P
Here is what i get
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME memcached 1723 memcache 26u IPv4 14967 0t0 TCP *:11211 (LISTEN) beanstalk 1736 beanstalkd 3u IPv4 14417 0t0 TCP *:11300 (LISTEN) sshd 1746 root 3u IPv4 14992 0t0 TCP *:22 (LISTEN) sshd 1746 root 4u IPv6 15001 0t0 TCP *:22 (LISTEN) redis-ser 1773 redis 4u IPv4 14989 0t0 TCP *:6379 (LISTEN) postgres 2051 postgres 6u IPv4 17225 0t0 TCP *:5432 (LISTEN) postgres 2051 postgres 7u IPv6 17226 0t0 TCP *:5432 (LISTEN) mysqld 2078 mysql 27u IPv6 17340 0t0 TCP *:3306 (LISTEN)
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Here is my server configuration.
No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 16.04.1 LTS Release: 16.04 Codename: xenial
I don’t have .pem files. Is that good
here is the keys i have
ssl_certificate /etc/nginx/ssl/mysite.com/204933/server.crt;
ssl_certificate_key /etc/nginx/ssl/mysite.com/204933/server.key;
What OS (Operating System) are you running?
…
Unless NGINX is configured to listen on port 443, you generally won’t see that port in the listing when you run that command. You’d need a valid server block that specifically listens on port 443 before it’ll be listed.
For example:
server {
listen [::]443 ssl http2;
location / {
try_files $uri $uri/ /index.php;
}
}
The above is a very basic server block and doesn’t define much of what’s needed for SSL (yet), but it gives you an idea of what you need to be using for NGINX to listen on port 443.
A more complete example would be:
server {
listen [::]:80;
server_name domain.com www.domain.com;
return 301 https://$host$request_uri;
}
server
{
listen [::]:443 ssl http2;
server_name domain.com www.domain.com;
resolver 208.67.222.222 208.67.220.220 valid=300s;
resolver_timeout 5s;
ssl on;
ssl_certificate /path/to/ssl/cert.pem;
ssl_certificate_key /path/to/ssl/private.pem;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
ssl_ecdh_curve secp384r1;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_cache shared:SSL:50m;
ssl_stapling on;
ssl_stapling_verify on;
ssl_session_tickets off;
ssl_session_timeout 5m;
root /home/nginx/htdocs/public;
location /
{
try_files $uri $uri/ =404;
}
}
The above redirects requests on port 80 to 443 so everything is handled by SSL.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.