I got a security error too. It says the problem is that the certificate
is self-signed. I have no idea what that means or how to repair it.
*If* you want to go down this road, the simplest way is to install one
of the "Let's Encrypt" support packages and follow its instructions to
obtain and maintain a Let's Encrypt certificate.
This is not just a one-time setup; the certificate expires every few
months and has to be updated, so there is a nightly cron job or similar
to check on it and replace it if it's sufficiently old. The good news
is, you only have to *do stuff* once, and the package should be able to
do the rest.
There are several suitable packages for this; I'm using "dehydrated",
I added port 443 only because my router converted the port 80 request to a port 443 request. I eventually worked out the reason for that was because my server had started running a firewall that blocked port 80 (and 443). I don't have any interactive pages where I ask for input, so there seems not to be a reason to keep port 443 going on.