I tried running n8n locally with secure settings, yet it still starts over HTTP. My configuration:
export N8N_SECURE_MODE="true"
export SEC_KEY_PATH="/secure/mykey.pem"
export SEC_CERT_PATH="/secure/mycert.pem"
How can I force it to use HTTPS?
In my experience, the secure mode settings in n8n are often misunderstood; they control how n8n handles secure communications rather than forcing it to listen on an HTTPS port directly. I solved a similar issue by setting up a reverse proxy using Nginx. I configured Nginx to listen on port 443 with the proper certificates, and then it forwarded requests to n8n running locally. This approach ensures that clients connect over HTTPS while n8n operates on HTTP internally, giving you the security you need without modifying n8n’s default behavior.
n8n’s secure mode is primarily intended for internal secured communication rather than serving as a full HTTPS listener. In my setup, I configured Traefik as the front-facing component. Traefik handles TLS termination, uses Let’s Encrypt for certificate management, and then forwards requests to the HTTP endpoint where n8n is running. This approach minimizes configuration complexity within n8n and leverages Traefik’s strengths while ensuring proper encryption and automatic renewal of certificates. Adjusting the network and firewall settings to allow secure traffic also plays a crucial role in this configuration.