MakerMatrix supports HTTPS for secure local development and production deployments.
# 1. Enable HTTPS in your environment
echo "HTTPS_ENABLED=true" >> .env
# 2. Generate certificates
python scripts/setup_https.py
# 3. Restart the server
python dev_manager.pyAccess at: https://localhost:8443
The setup_https.py script offers three methods:
Generates a self-signed certificate using OpenSSL. Your browser will show a security warning that you can bypass.
python scripts/setup_https.py
# Choose option 1 when promptedUses mkcert to generate locally-trusted certificates — no browser warnings.
# Install mkcert first
# macOS: brew install mkcert
# Windows: choco install mkcert
# Linux: see https://github.com/FiloSottile/mkcert#installation
mkcert -install # Install local CA (one-time)
python scripts/setup_https.py
# Choose option 2 when promptedFor production, use certificates from a trusted CA (Let's Encrypt, etc.):
- Place your certificate files in the
certs/directory:certs/cert.pem— Certificate filecerts/key.pem— Private key file
- Set
HTTPS_ENABLED=truein.env - Start the server
Certificates are stored in the certs/ directory (gitignored):
certs/
cert.pem # Certificate
key.pem # Private key
| Variable | Default | Description |
|---|---|---|
HTTPS_ENABLED |
false |
Enable HTTPS mode |
When using Docker, mount your certificates:
docker run -d \
-p 8080:8080 \
-v makermatrix-data:/data \
-v ./certs:/data/certs \
-e HTTPS_ENABLED=true \
ghcr.io/ril3y/makermatrix:latestSelf-signed certificates will always trigger browser warnings. Use mkcert (Option 2) for warning-free local development.
Ensure certificate files have restrictive permissions:
chmod 600 certs/key.pem
chmod 644 certs/cert.pemHTTPS mode uses port 8443 by default. Check for conflicts:
lsof -i :8443 # Linux/macOS
netstat -ano | findstr :8443 # Windows