Error: listen EACCES 0.0.0.0:443
In order to listen on privileged ports you need root permissions to start the server; this applies to ports < 1024. You may use nginx as a reverse proxy server running on 443 and run your Node JS server alongside on non-privileged ports as an unprivileged user.
For more information on setting up Node JS application with nginx in production, follow the link: https://www.digitalocean.com/community/tutorials/how-to-set-up-a-node-js-application-for-production-on-centos-7
In UNIX-like systems, non-root users are unable to bind to ports lower than 1024.
This is a nuisance when proxying addresses on port 80. Typically, you end up sudoing all apps that must bind to such ports.
However, since kernel 2.6.24, you can use the setcap
command to set specific capabilities to a program.
To enable all node programs to bind on any port lower than 1024, issue the following command:
sudo setcap 'cap_net_bind_service=+ep' /usr/local/bin/node
Note: If you don't know the location of node
, follow below command.
sudo setcap 'cap_net_bind_service=+ep' `which node`
I think you're probably looking to provide HTTPS to your application, if that's the case then usually with nodejs we don't serve using HTTPS directly from our node application. Instead we use nginx (a web server) to act as a "reverse proxy". This means nginx sits in front of our application, it listens on port 443 for us, and then sends requests through to our desired application.
Using nginx you can listen on port 443 and then redirect to multiple different services depending on the hostnames etc. For instance, I might have 3 web services running on one server, with nginx I can listen on port 443 for any HTTP connection. If the HTTP request is going to the host myblog.com it can send it off to a node service listening on port 8081. If the hostname on the request is myresume.com it might go off to a serivce on port 8082 and myprivatethings.com could go to port 8083.
Using something like nginx (many alternatives exist) you can manage multiple services with SSL/TLS (https) on one server.