I’m trying to configure my local n8n installation to use SSL certificates but having trouble getting it to work properly.
I’ve set these environment variables in my shell configuration:
export N8N_PROTOCOL="https"
export N8N_SSL_KEY="/home/user/certs/private.key"
export N8N_SSL_CERT="/home/user/certs/certificate.crt"
However, when I launch the application, the terminal still shows:
Workflow editor available at:
http://localhost:5678/
The secure connection isn’t working as expected. What am I missing in my SSL setup configuration? Any guidance would be appreciated.
Had the exact same problem when I set up SSL on n8n. Your cert files probably aren’t loading at startup. Check file permissions first - the n8n user needs to read those files. I had to chmod 644 my cert and chmod 600 the private key. Make sure your file paths are absolute and correct too. n8n sometimes caches the initial config, so kill the process completely and clear any cached configs before restarting. If you’re still getting that http localhost message, n8n’s falling back to HTTP because it can’t load the SSL certs. Also check your certificate isn’t expired.
try restarting with N8N_HOST=0.0.0.0 - i had the same issue and n8n wouldn’t bind to https without it. also check your cert chain is complete, like you might need intermediate certs bundled with your main cert. if it’s still showing localhost:5678, then ssl setup failed during startup.
Check if n8n is actually picking up your environment variables. Run echo $N8N_PROTOCOL before starting n8n to see if they’re set. If you’re using Docker or PM2, the variables might not be available in that context. I ran into this when my variables were only set in my shell but not in the service environment. Try setting them directly in your n8n startup command or config file instead. Also verify your certificate and key files are valid - run openssl x509 -in /home/user/certs/certificate.crt -text -noout to check the certificate. If n8n still defaults to HTTP, there’s probably an issue with how it’s reading your SSL config during startup.