diff --git a/config/default.toml b/config/default.toml
index 563083bd..17905ecd 100644
--- a/config/default.toml
+++ b/config/default.toml
@@ -61,6 +61,16 @@ level="verbose"
 port=3000
 # HTTP interface to listen on
 host="0.0.0.0"
+# Enable HTTPS
+https=false
+# HTTPS certificate file name
+cert="cert.pem"
+# HTTPS certificate private key file name
+key="key.pem"
+# HTTPS ca certificate file name
+#ca="ca-certificate.pem"
+# HTTPS Diffie Hellman parameters (generate with openssl dhparam)
+#dhparams="dhparams.pem"
 # Secret for signing the session ID cookie
 secret="a cat"
 # Session length in seconds when "remember me" is checked
diff --git a/index.js b/index.js
index 305ec2ad..9428aaf4 100644
--- a/index.js
+++ b/index.js
@@ -8,6 +8,8 @@ const config = require('config');
 const log = require('npmlog');
 const app = require('./app');
 const http = require('http');
+const https = require('https');
+const fs = require('fs');
 const fork = require('child_process').fork;
 const triggers = require('./services/triggers');
 const importer = require('./services/importer');
@@ -33,10 +35,15 @@ log.level = config.log.level;
 app.set('port', port);
 
 /**
- * Create HTTP server.
+ * Create HTTP/HTTPS server.
  */
 
-let server = http.createServer(app);
+let server = (!config.www.https) ? http.createServer(app) : https.createServer({
+    cert: fs.readFileSync(config.www.cert),
+    key: fs.readFileSync(config.www.key),
+    ca: config.www.ca ? fs.readFileSync(config.www.ca) : undefined,
+    dhparams: config.www.dhparams ? fs.readFileSync(config.www.dhparams) : undefined
+}, app);
 
 // Check if database needs upgrading before starting the server
 dbcheck(err => {