Port 443
HTTPS - Secure HTTP over TLS/SSL
Port 443: HTTPS Secure Web Traffic
| Protocol | TCP |
| Service | HTTPS (Secure Web) |
| Encrypted | Yes (TLS) |
| IANA Status | Official |
What is Port 443?
Port 443 is the default port for HTTPS (HTTP Secure) traffic. It uses TLS (Transport Layer Security) to encrypt all data between the client and server, protecting against eavesdropping and tampering.
Why Use HTTPS?
- Encryption: All data is encrypted in transit
- Authentication: Certificates verify server identity
- Integrity: Data cannot be modified in transit
- SEO: Google ranks HTTPS sites higher
- Browser requirements: Many APIs require secure context
TLS Versions
| Version | Status |
|---|---|
| TLS 1.3 | Recommended |
| TLS 1.2 | Secure |
| TLS 1.1 | Deprecated |
| TLS 1.0 | Insecure |
Server Configuration
Nginx with Let's Encrypt
server {
listen 443 ssl http2;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
ssl_prefer_server_ciphers off;
# HSTS
add_header Strict-Transport-Security "max-age=63072000" always;
}Get a Free SSL Certificate
# Install certbot
sudo apt install certbot python3-certbot-nginx
# Get certificate
sudo certbot --nginx -d example.com -d www.example.com
# Auto-renewal is configured automatically
sudo certbot renew --dry-runTroubleshooting
# Test SSL connection
openssl s_client -connect example.com:443
# Check certificate expiry
echo | openssl s_client -connect example.com:443 2>/dev/null | \
openssl x509 -noout -dates
# Test TLS version support
openssl s_client -connect example.com:443 -tls1_3
# Check what's listening on 443
sudo lsof -i :443Common Issues
- Certificate expired: Renew with
certbot renew - Mixed content: Resources loaded over HTTP on HTTPS page
- Port blocked: Check firewall allows 443/tcp
- Certificate mismatch: Wrong domain in certificate