diff --git a/kube-enforcer/templates/kube-enforcer-configmap.yaml b/kube-enforcer/templates/kube-enforcer-configmap.yaml
index 07e2012d..a755dbd9 100644
--- a/kube-enforcer/templates/kube-enforcer-configmap.yaml
+++ b/kube-enforcer/templates/kube-enforcer-configmap.yaml
@@ -51,7 +51,7 @@ data:
   AQUA_KAP_ADD_ALL_CONTROL: "true"
   AQUA_WATCH_CONFIG_AUDIT_REPORT: "true"
 {{- if .Values.kubeEnforcerAdvance.enable }}
-  AQUA_TLS_PORT: "8449"
+  AQUA_TLS_PORT: {{ .Values.ports.tlsContainerPort | quote }}
   AQUA_KE_SERVER_PORT: "8442"
   AQUA_ENVOY_MODE: "true"
 {{- else }}
diff --git a/kube-enforcer/templates/kube-enforcer-deployment.yaml b/kube-enforcer/templates/kube-enforcer-deployment.yaml
index 73282cb3..43af7143 100644
--- a/kube-enforcer/templates/kube-enforcer-deployment.yaml
+++ b/kube-enforcer/templates/kube-enforcer-deployment.yaml
@@ -81,7 +81,8 @@ spec:
           {{- include "extraSecretEnvironmentVars" .Values | nindent 10 }}
           ports:
           {{- if not .Values.kubeEnforcerAdvance.enable }}
-            - containerPort: 8443
+            - containerPort: {{ .Values.ports.tlsContainerPort }}
+              name: https
           {{- else }}
             - containerPort: 8449
             - containerPort: 8442
diff --git a/kube-enforcer/templates/service.yaml b/kube-enforcer/templates/service.yaml
index d789a5ae..988bea7e 100644
--- a/kube-enforcer/templates/service.yaml
+++ b/kube-enforcer/templates/service.yaml
@@ -11,8 +11,9 @@ metadata:
   namespace: {{ .Release.Namespace }}
 spec:
   ports:
-    - port: 443
-      targetPort: 8443
+    - name: https
+      port: 443
+      targetPort: https
 {{- if .Values.kubeEnforcerAdvance.enable }}
       name: envoy
 {{- end }}
diff --git a/kube-enforcer/values.yaml b/kube-enforcer/values.yaml
index 34e89b31..f2325ec2 100644
--- a/kube-enforcer/values.yaml
+++ b/kube-enforcer/values.yaml
@@ -204,6 +204,9 @@ securityContext:
 
 container_securityContext: {}
 
+ports:
+  tlsContainerPort: 8443
+
 readinessProbe:
   httpGet:
     path: /readyz