Hosting using HTTPS and subdomain

Question

I am a beginner in website hosting please consider if my question is too silly or this is not the right place to ask this question and direct me to the right place.

I have website (hosted on a subdomain) already running on HTTP (perfectly). I am moving to HTTPS using Let's Encrypt. I have generated the certificate, configured my application and then deployed it using AWS lightsail. I have pointed the domain name using A record, where my lightsail instance IP is pointed by my subdomain.

Problem: When ever I go to my website using the URL https://subdomain.mywebsite.com:80 it works perfectly fine with no privacy error. My HTTPS server listens on port 80. But, if I try any other URL like subdomain.mywebsite.com:80 or subdomain.mywebsite.com I get a privacy error in google chrome saying "Your connection is not private".

I think I am missing some fundamental, which I not able to understand on my own.

My application is nodejs based below is a snippet of my server

 const options = {
       cert: fs.readFileSync('./sslcert/fullchain.pem'),
       key: fs.readFileSync('./sslcert/privkey.pem')
    };

    app.listen(function () {
      console.log("Live");
    });

    https.createServer(options, app).listen(80, function() {
      console.log("From HTTPS");
    });

You should never operate a https server on port 80. That port is meant for http, so unencrypted traffic. https uses port 443. Your certainly can, technically, use ports however you like. But you certainly will run into issues like the stuff you describe. — arkascha, Dec 16 '18 at 22:44
Point noted,I also tried running on port 443 and 8443, I am still facing the same problem — Palash Jain, Dec 16 '18 at 22:46
Try using a browsers private mode, you might look at caching issues currently. — arkascha, Dec 16 '18 at 22:48
Perfect now it is working with subdomain.mybsite.com:8443 but I want it work for subdomain.mybsite.com — Palash Jain, Dec 16 '18 at 22:53

score 0 · Accepted Answer · answered Dec 17 '18 at 15:14

What you need is to redirect all requests to port 80 to port 443, that way browsers apply automatically https protocol.

This means that if someone uses "subdomain.mywebsite.com", it is by default http and port 80, i.e, "http://subdomain.mywebsite.com:80" and you want it to be redirected to "https://subdomain.mywebsite.com", that is listening by default on port 443.And you configure your https service on port 443, which is the standard port for https.

You have two approaches:

Do the redirection in node.js: have a look to this answer for guidance: Automatic HTTPS connection/redirect with node.js/express
Use a proxy to do the redirection:have a look to this blog post for guidance (I am not related to that blog, just did a quick google search): https://serversforhackers.com/c/redirect-http-to-https-nginx

I hope this helps. Provide some comment if you need more clarifications.

Hosting using HTTPS and subdomain

1 Answers1