diff --git a/amd64.dockerfile b/amd64.dockerfile
index 68eacda..fd6519a 100644
--- a/amd64.dockerfile
+++ b/amd64.dockerfile
@@ -10,15 +10,16 @@
 apk --no-cache add \
 curl \
 tzdata \
- shadow; \
- apk --no-cache upgrade; \
- apk cache clear;
+ shadow \
+ openssl; \
+ apk --no-cache upgrade;
 # :: prepare image
 RUN set -ex; \
 mkdir -p ${APP_ROOT}; \
 mkdir -p ${APP_ROOT}/etc; \
 mkdir -p ${APP_ROOT}/var; \
+ mkdir -p ${APP_ROOT}/ssl; \
 rm -f /etc/defaults/influxdb2/config.yml; \
 ln -s ${APP_ROOT}/etc/config.yml /etc/defaults/influxdb2/config.yml; \
 mv /entrypoint.sh /usr/local/bin;
@@ -47,4 +48,4 @@
 # :: Start
 USER docker
- ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
\ No newline at end of file
+ ENTRYPOINT ["/usr/local/bin/entrypoint.custom.sh"]
\ No newline at end of file
diff --git a/rootfs/influxdb/etc/config.yml b/rootfs/influxdb/etc/config.yml
index 4e44960..d0d7675 100644
--- a/rootfs/influxdb/etc/config.yml
+++ b/rootfs/influxdb/etc/config.yml
@@ -1,3 +1,4 @@
 bolt-path: /influxdb/var/influxd.bolt
 engine-path: /influxdb/var/engine
-nats-port: 4222
\ No newline at end of file
+tls-cert: "/influxdb/ssl/cert.pem"
+tls-key: "/influxdb/ssl/key.pem"
\ No newline at end of file
diff --git a/rootfs/usr/local/bin/entrypoint.custom.sh b/rootfs/usr/local/bin/entrypoint.custom.sh
new file mode 100644
index 0000000..4885051
--- /dev/null
+++ b/rootfs/usr/local/bin/entrypoint.custom.sh
@@ -0,0 +1,11 @@
+#!/bin/ash
+
+ if [ ! -f "${APP_ROOT}/ssl/cert.pem" ]; then
+ openssl req -x509 -newkey rsa:4096 -subj "/C=XX/ST=XX/L=XX/O=XX/OU=XX/CN=XX" \
+ -keyout "${APP_ROOT}/ssl/key.pem" \
+ -out "${APP_ROOT}/ssl/cert.pem" \
+ -days 3650 -nodes -sha256 &> /dev/null
+ fi
+
+ sed -i s#INFLUXD_TLS_CERT='' INFLUXD_TLS_KEY=''## /usr/local/bin/entrypoint.sh
+ /usr/local/bin/entrypoint.sh
\ No newline at end of file
diff --git a/rootfs/usr/local/bin/healthcheck.sh b/rootfs/usr/local/bin/healthcheck.sh
index d5aee75..44c149b 100644
--- a/rootfs/usr/local/bin/healthcheck.sh
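Review bot: `mkdir -p ${APP_ROOT}/ssl` creates the directory that will hold the TLS private key with the build user's default mode, and nothing in this hunk restricts it or hands it to the `docker` user, who has to write `key.pem` there at first start. If ownership of `${APP_ROOT}` is changed in the part of the file outside this hunk, adding `chmod 0700 ${APP_ROOT}/ssl; \` alongside that step would keep the key directory closed to other users. The `${APP_ROOT}` expansions in this `RUN` are also unquoted, which is harmless only while the value contains no whitespace.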
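Review bot: `tls-cert` and `tls-key` carry no comment saying where these files come from, and the paths are fixed to `/influxdb/ssl` while the entrypoint writes to `${APP_ROOT}/ssl`, so the two agree only while `APP_ROOT` is `/influxdb`. A short comment above the two keys would make the contract visible, for example `# generated self-signed by entrypoint.custom.sh when missing; mount your own cert.pem/key.pem at /influxdb/ssl to replace them`.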
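Review bot: The `sed` line passes its expression unquoted, so as shown the shell splits it at the space and strips the `''` pairs before sed sees them. sed then receives `s#INFLUXD_TLS_CERT=` as an incomplete script and the second half as a file name, which presumably leaves the upstream `entrypoint.sh` unpatched. Quote the expression, and consider applying it once in the Dockerfile's `RUN` step so that `/usr/local/bin/entrypoint.sh` does not have to stay writable by the `docker` user at run time. In the key-generation branch, openssl's output and exit status are both discarded (`&>` is also a bash extension that not every `ash` build accepts) and `key.pem` is written under the inherited umask, so a failed generation is silent and the key's mode is left to chance. The last line neither `exec`s nor forwards `"$@"`, so container arguments and stop signals may not reach influxd.

```shell
if [ ! -f "${APP_ROOT}/ssl/cert.pem" ]; then
  # Subshell: the restrictive umask applies to key.pem only, not to influxd.
  (
    umask 077
    # … unchanged: openssl req -x509 … -keyout … -out … -days 3650 -nodes -sha256,
    #              with the redirection written as  >/dev/null 2>&1 …
  ) || {
    echo "entrypoint.custom.sh: generating ${APP_ROOT}/ssl/cert.pem failed" >&2
    exit 1
  }
fi

sed -i "s#INFLUXD_TLS_CERT='' INFLUXD_TLS_KEY=''##" /usr/local/bin/entrypoint.sh
exec /usr/local/bin/entrypoint.sh "$@"
```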
+++ b/rootfs/usr/local/bin/healthcheck.sh
@@ -1,2 +1,2 @@
 #!/bin/ash
- curl --max-time 5 -kILs --fail http://localhost:8086/ping
\ No newline at end of file
+ curl --max-time 5 -kILs --fail https://localhost:8086/ping
\ No newline at end of file
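Review bot: With the scheme switched to `https`, the pre-existing `-k` on the curl line now means the probe accepts any certificate without verification. That is a reasonable choice for a loopback liveness check against the auto-generated certificate, whose subject is `CN=XX`, but it should be stated so the flag is not copied into real clients. Suggested comment above the curl line: `# -k: loopback liveness probe only; the auto-generated certificate has no localhost name to verify against`.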