Changing port 3000 to 443


Deployed on fresh CentOS 7.8 install as per:
as per: / installation / manual-installation / centos

Works fine on port 3000.

Want to change it to 80 /443
Followed instructions:
as per: / installation / manual-installation / configuring-ssl-reverse-proxy

Cannot get it to change off of port 3000.

port 3000 still works:
h : //

hs : //
shows 502 bad gateway

rebooted and cycled services.
Tried changing the Nginx and rocket chat config a number of different pethods.

(h t t p replaced with h to allow to post)

Server Setup Information

  • Version of Rocket.Chat Server: Latest
  • Operating System: CentOS
  • Deployment Method: tar
  • Proxy: Nginx
  • Firewalls involved: firewalld (testing with disabled)

Any additional Information

server hostname:
DNS record for certificate:

I cant post the config files because can’t post links it says.

I’d post my rocketchat.service but the forum says:
Sorry you cannot post a link to that host.

my ROOT_URL has the server name

but still listening on 3000

I redirected the 443 port to 3000 in Nginx conf file…

I’m using nginx on Centos8 on a Win2019 Hyper-V. Have an certbot ssl. HTTPS firewall port open only.

In the /etc/nginx/nginx.conf

upstream backend {

This redirects my https requests to localserver:3000.

Under my /usr/lib/systemd/system, I have the rocketchat.service environment for Root_url:


Hope this helps

upstream is not in my /etc/nginx/nginx.conf only in my /etc/nginx/conf.d/default.conf


upstream backend

I tried changing my service as you suggested.

Still getting a bad gateway.

When I go to port 80 though, its showing the Welcome to CentOS.

Did you open ports on Centos Firewalld? Turn it off for now (systemctl stop firewalld). Also is your hardware firewall open to 443 too?

from nginx.conf…

upstream backend {

server {
server_name; # managed by Certbot
    root         /usr/share/nginx/html;

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;

    location / {
        proxy_pass http://backend;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;

        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Nginx-Proxy true;

        proxy_redirect off;

    error_page 404 /404.html;
        location = /40x.html {

    error_page 500 502 503 504 /50x.html;
        location = /50x.html {

listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

It’s conceivable, yet not the best practice, better you put httpd or nginx before grafana and config the converse intermediary.