To complete this step require a signed certificate (from a CA), or a locally signed certificate using LetsEncrypt. You will need both the private and public keys in a location that is accessible to Lisk.

Arrow down in the config file until you find the following section:

SSL Configuration

 "ssl": {
  "enabled": false,         // Change FROM false TO true
  "options": {
    "port": 443,            // Default SSL Port
    "address": "",   // Change only if you wish to block web access to the node
    "key": "path_to_key",   // Replace FROM path_to_key TO actual path to key file
    "cert": "path_to_cert"  // Replace FROM path_to_cert TO actual path to certificate file

After you have finished, save changes and exit. Hit: Ctrl+X Then: Y


If SSL Port configured above (ssl > options > port) is within well known ports range (below 1024), you must alter the port specified with setcap or change it to be outside of that range.

Setcap: Only required to grant Lisk access to port 443

 sudo setcap cap_net_bind_service=+ep bin/node

At this point, your changes are complete and you can return to the Configuration - General document for information on how to start Lisk Node up for your environment.

Open the web client using https://MY_IP_OR_HOST. You should now have an SSL enabled connection.

What's next?