Postgres 12 on Ubuntu 20.04 SSL installation

I have a fully qualified domain name pointing to the ip of the droplet with Ubuntu 20.04 and Postgres 12 installed. I need to install SSL on the same. Any help is appreciated.

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Hi @mishrashreya840, I had to start new answer because we already reached too many replies.

[secondary_label @mishrashreya840 wrote] 
Can you point me to the relevant tutorial pls? 

You can install Nginx on Ubuntu following this tutorial:

To configure Nginx as reverse proxy you can base on step 7 of the below tutorial. Obviously, you need to modify settings to fit them to your environment.

[secondary_label @mishrashreya840 wrote] 
Also, can installing nginx/apache interfere with the running application as that app does not require these running. 

I do not know that. I could imagine conflicts between dependent packages, e.g. the app might require elder versions than nginx but it is rather not that likely. It may be conflict in using TCP ports as well but it is configurable, at least on Nginx side. First, check what adresses and ports the applications listen on:

sudo netstat -tulpn

Look for your app in the result. Nginx is configured by default to listen on all addresses on TCP port 80.

Hi @communityservice, We reached too many replies, so I started a new answer.

@communityservice wrote
sudo netstat -tulpn | grep -e 6000 -e 6001 resulted in below tcp 0 0* LISTEN 24317/./appname

It looks like before. First of all, you need to change the settings in your app configuration to make it listening on localhost (, not on public IP address ( in the example). Otherwise, the configuration I sent you will not work, you will have two services listening on your public IP port 6000, the app and nginx.

@communityservice wrote
anything that I did wrong? Or was I supposed to add it to some other file? Or maybe creating sym link?

You can add new server blocks to your existing file as well as to a new file. In the first case you do not have to care about creating a symlink.

@communityservice wrote
nginx: [warn] the “ssl” directive is deprecated, use the “listen … ssl” directive instead in /etc/nginx/sites-enabled/

It is just a warning but it would be good to fix it too. What is your directive in line 48 of the file /etc/nginx/sites-enabled/ ?

And remember to restart nginx service after changing its configuration. First check if the syntax of config files is OK, of course :)

sudo nginx -t

sudo systemctl restart nginx

Hi @communityservice, I had to open new answer again :) Sorry I left you without response but I dived into DO’s API and almost drowned :D :D :D

@communityservice/@unicornomy wrote
I have an app (public facing) on which has various sub URLs like and etc. These URLs are also sent out to subscribers via email and when they are clicked by customers the insecure version (http) with port number open up which really does not look secure and neat. Thus I need to move them to and with the action of both the URLs remaining unaffected. I feel this needs to be achieved out of server block setting of nginx, but unable to find a working solution for the same.

What is the website server for your app, working on port 6000 ? Can you provide a result of the command below, pls. ?

sudo netstat -tulpn | grep 6000