diff --git a/apps/consul_proxy/src/consul_proxy_sup.erl b/apps/consul_proxy/src/consul_proxy_sup.erl
index a65e96227bb572fa77a4f40bb805cc8c03ca2bbc..0cc93312454197df78bfec19d0e2b7cdad13d47f 100644
--- a/apps/consul_proxy/src/consul_proxy_sup.erl
+++ b/apps/consul_proxy/src/consul_proxy_sup.erl
@@ -56,10 +56,12 @@ init(Args) ->
 
     HijackListenerCount = application:get_env(consul_proxy, hijack_listeners, 100),
     HijackRanchOptions = [
-        {port, application:get_env(consul_proxy, hijack_port, 8083)}
+        {port, application:get_env(consul_proxy, hijack_port, 8083)},
+        {certfile, application:get_env(consul_proxy, hijack_cert, "config/localhost.pem")},
+        {cacertfile, application:get_env(consul_proxy, hijack_cert, "config/ca.pem")}
     ],
     HijackListenerSpec = ranch:child_spec(hijack_listener, HijackListenerCount,
-        ranch_tcp, HijackRanchOptions,
+        ranch_ssl, HijackRanchOptions,
         consul_proxy_middleware_hijack, []
     ),
 
diff --git a/config/ca.pem b/config/ca.pem
new file mode 100644
index 0000000000000000000000000000000000000000..41d4dc70187415b6409eda396b83a30f98952f61
--- /dev/null
+++ b/config/ca.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIE2TCCA8GgAwIBAgIJALb74VpZxuWCMA0GCSqGSIb3DQEBBQUAMIGjMQswCQYD
+VQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0x
+HjAcBgNVBAoTFUVyaWsncyBTZWxmLVNpZ25lZCBDQTEMMAoGA1UECxMDRGV2MRkw
+FwYDVQQDFBBFcmlrIEhlZGVuc3Ryw7ZtMSMwIQYJKoZIhvcNAQkBFhRlcmlrQGhl
+ZGVuc3Ryb2VtLmNvbTAeFw0xNTA5MTgxMzA5NDhaFw0xODA3MDgxMzA5NDhaMIGj
+MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9j
+a2hvbG0xHjAcBgNVBAoTFUVyaWsncyBTZWxmLVNpZ25lZCBDQTEMMAoGA1UECxMD
+RGV2MRkwFwYDVQQDFBBFcmlrIEhlZGVuc3Ryw7ZtMSMwIQYJKoZIhvcNAQkBFhRl
+cmlrQGhlZGVuc3Ryb2VtLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAK0CS24Ip1/fB5CuXgVb/nmwJ1xAdPRw4jUNYI7eRz1gfzwGcXiKd+d2ysWv
+8U5MFnpFDaCCZxnVlx8E+qdPZRfoaTJ1gQx+TzBu8oqG/JxC1mpAY6BJqGAPijQ/
+sMgCs+DdT6Sjlc+RUWswCFSaAt46pqp7g3FmYxXz79tSvAnpyJRZ9ZxZSMJCfFgY
+dZg7QzNS13tE6kBqdADnps14HsjDayfNqcrevusmWiBtfVM0blX0pJLSeH7A2b0H
+KWvssr+w/7jZ82yBuIYFv2hB0qDrEojjpIPc3y++4jYIoWVDDfKFc5yth2ogt35Z
+mxiZiqiX7eY4XnHSkm2PwOzu+VkCAwEAAaOCAQwwggEIMB0GA1UdDgQWBBSjp2i6
+eNOfcRTMWe5OXw9bXVTekzCB2AYDVR0jBIHQMIHNgBSjp2i6eNOfcRTMWe5OXw9b
+XVTek6GBqaSBpjCBozELMAkGA1UEBhMCU0UxEjAQBgNVBAgTCVN0b2NraG9sbTES
+MBAGA1UEBxMJU3RvY2tob2xtMR4wHAYDVQQKExVFcmlrJ3MgU2VsZi1TaWduZWQg
+Q0ExDDAKBgNVBAsTA0RldjEZMBcGA1UEAxQQRXJpayBIZWRlbnN0csO2bTEjMCEG
+CSqGSIb3DQEJARYUZXJpa0BoZWRlbnN0cm9lbS5jb22CCQC2++FaWcblgjAMBgNV
+HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAcIq5uUrYjCoIUbVGrrWC+G6so
+F1y2naX1tO1r4So+yXnUzB7cwFHOdTXkLcwjbU+ErDyfpNiaGJ9J0nE7ik3BUUB/
+hSCL6AIOCy5KcVDhqqJ0bo5x79EmMB0PkoT6qSeUYU7p5iEuTSkG/IuPXx8UwbIB
+V97h3BJwGjbLn1BnPgYru6HMyVkxKAjgLjHd48CQmxjXdS696JN27lOh7FZ5l6QZ
+kUuPSi6csPT83zbIT1mdg/jzCWZ+bkqM6NI5kPQcSCLb5vJo7mVmchXrNUCKHmP9
+1+8mUw+7NOxpG2XwYPtXlcPGzmmaqGwmQbEiQOPc5wyc6xyR7kdYMCGmwIpp
+-----END CERTIFICATE-----
diff --git a/config/localhost.pem b/config/localhost.pem
new file mode 100644
index 0000000000000000000000000000000000000000..aa5050e33006b93fcf18344c6f7b21f826990566
--- /dev/null
+++ b/config/localhost.pem
@@ -0,0 +1,57 @@
+-----BEGIN CERTIFICATE-----
+MIIDuDCCAqACCQD34vO1za/WdTANBgkqhkiG9w0BAQsFADCBozELMAkGA1UEBhMC
+U0UxEjAQBgNVBAgTCVN0b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMR4wHAYD
+VQQKExVFcmlrJ3MgU2VsZi1TaWduZWQgQ0ExDDAKBgNVBAsTA0RldjEZMBcGA1UE
+AxQQRXJpayBIZWRlbnN0csO2bTEjMCEGCSqGSIb3DQEJARYUZXJpa0BoZWRlbnN0
+cm9lbS5jb20wHhcNMTYwMjA1MjEzNzQ1WhcNMjYwMjAyMjEzNzQ1WjCBlzEYMBYG
+A1UEChQPSGVkZW5zdHLDtm0uY29tMQwwCgYDVQQLEwNEZXYxJDAiBgkqhkiG9w0B
+CQEWFWFkbWluQGhlZGVuc3Ryb2VtLmNvbTESMBAGA1UEBxMJU3RvY2tob2xtMRIw
+EAYDVQQIEwlTdG9ja2hvbG0xCzAJBgNVBAYTAlNFMRIwEAYDVQQDEwlsb2NhbGhv
+c3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyA3S6aIQ3e5GOa4kX
+SuAZRGLhHhEPy9IDxav39qunBuvcLBdhpKJvWV2FbpaSl+3YIAvOeFQH1vVcfATJ
+pub0Jvjq9XdFAopmUQ4SWzbyCeZWULw/L2u14iz+Tpi6S2vn34ehFm6o5SlC1JhI
+CZYAAkfo+AcawESF256+8ubfM5rIPmXg9ROs3SWFlEYR0++3raG6gNt9565DWkln
+GyLNQuuKyQIBgC9adc7MNMxMTe/hKLVje4yDIQX4/S9d1Abavw3xGSy4GKgccAeO
+CA3HTCGmo4PAbgQaZJfANMu8HP+8rlblDf8BUcdDCYwTFIBhyLQC4zTtC31YnRb4
+fbPNAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJALsYVe5TnBg+q5hAUyxjFcTfam
+dMFShOu6EWSrxPu1bkvwQBrmd0dFEtQEY/UDmm96jz0uzMplJrR//4zwVHI8IyfF
+i9iGyd2vvaBMv1xW8p6/ydPyVjHcFHcaB6/IZuHSWeQoAAWghim/vzDemWMCtC9l
+zvTQT+/4h+CUAL+oUAyVkIqCGZUDOaTfzGyrzaDYAeHIPa+OmZcNqfv5b8HpHDwM
+jYXdweOfFPoo7PvQKbTvVPr77SFAIxT3hsfk1k64ezqLTL1aJzr90grrG+Ejtg4w
+m1GAiisBsaWMgxWppAdhXO2iPGIltq9aDCSkDvcIeOwr9NiAYH0R6pFElSg=
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAsgN0umiEN3uRjmuJF0rgGURi4R4RD8vSA8Wr9/arpwbr3CwX
+YaSib1ldhW6Wkpft2CALznhUB9b1XHwEyabm9Cb46vV3RQKKZlEOEls28gnmVlC8
+Py9rteIs/k6Yuktr59+HoRZuqOUpQtSYSAmWAAJH6PgHGsBEhduevvLm3zOayD5l
+4PUTrN0lhZRGEdPvt62huoDbfeeuQ1pJZxsizULriskCAYAvWnXOzDTMTE3v4Si1
+Y3uMgyEF+P0vXdQG2r8N8RksuBioHHAHjggNx0whpqODwG4EGmSXwDTLvBz/vK5W
+5Q3/AVHHQwmMExSAYci0AuM07Qt9WJ0W+H2zzQIDAQABAoIBADDS/9YMyo7JJpAQ
+cIZh8/saJaCm9XkGpzB/q/4TutrR7Cj0MumGFUNDGIJ7ZXMJlqObjoFvwWRxEdTu
+8wU38MpwUf9nmfHkk38ipiBkwjo6euGbvTX7VKiLQ1nwxrT58LulNHb7Rxit2dZJ
+pwbDElAoT/7W4GP27hRkuzKWPrpi4JPBWPY13CO34hyqYzderPB/FZyen2mR0O1d
+bSSnqOeFLd8ku33dW0bXiqS8Iul2F3kSUGGsT9gBzI1d2Zs8EqpmOX7MfoIbsTqE
+eWfR5gIXRMPmdqUhdDnSdmM74ztoCX7PM7lbO6HBliOFPmv0O/Usdhpr3y3pmATr
+UVcViqECgYEA5n0wMv5GPoR87Oi8UhSZw4e7fBPrwxmqxSPtscfk3EnOWoEOc+aU
+c3tGNoOsdpYJtD+zasAY2ENVoHujBy1WTobVy1uwUn1yrbHR925XsJLhmkKHYw/s
+zTnhzYw+Mwv8JKwpw0l4NahAPJbC6Pn2gg+dppl0mhPDueTvUhTIavUCgYEAxbdl
+PFWPvMRljNFcZ8e1E6GySM3fbICIled2WuSSyJVI/qPN6kj+8b8Z7QTxciFouM0k
+NJPaFmLkU4OOU2mmGPef4wT7SMuhC7BkqzcKnjvf/7vLbLu53S1LQd5dasSBO5Wy
++9KhjPKfaGQT6Gzkvemu0MG/P7BS1JsuadWqznkCgYEAwnqrKrvGhYXA6x1NmWxs
+ecGTfpRIgCyuHP292B40i3NzPIZcrYrHg9FmYyUjZkQfGAoP12kTDZdzLqBj5PBq
+PIQk7RwGYPQcyVabNc3TC9hDp6evGPUc9+V5E7jb2rKoJEFoU7EwTwYSfY0wFOil
+CQUoHqSo8EDxC2+SR43ltekCgYBGqTqXC4UpU49vektqE6eVco6DEoCtCGrIGEbm
+SRZkdWX3C5fGCXyD7WZYnRGlVmdU1IwB9m1U3tb3OecdzH4+IhGUUu1zoMLXqJzx
+y+QRlRiDDxyuqZDNiSiCS/Ra+gutvdyPv0FZXES4TDwJLxG5BdEibnvpSRzxOtyl
+mmVHEQKBgES8SCwlAimiUlPHKxBaK0iMiuxZC8pMqPQE+k0h5JExBNfLfQwtoks8
+LcsGsXzpkCYhyYprTEmTxhtiRXAsgU83Fb7XUMEruFPdADC7YXPj06ZS50V9Ec/K
+l9E98WWzbSe55My7zxT8hvqvmUY5DOkbllcgu0r61ATYXWpLd6ow
+-----END RSA PRIVATE KEY-----
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEAwjbh/sVLbivqHsPaDjbMSBijjMdV6e6RnS7KHzumCXJulgM0NV/g
+SEvbCJtqAfAnxgq8THO6hk0JY17IRX2td5y9deCbL//SR7jZRr9hg/QkIxorxQdF
+rQCQjfOXz98n9IlbkGNYCORErNFGtgyu4FEFFPbSMcwTuLChfFUEsxTgy2H7kF1p
+9R6mGrHyFMIOcQn4HGERmJM2Z13slYbE8+jcy9K2opEFzDB5JqOVwideZKngPuGo
+JMI5t36h0ac8E7OBmcdOR55Nid5DjxvwUtBus/q3jqNVb/XVKmzJC51JqAC8NeAO
+Zdt92vY64PPk/nzsUXClkCxPjLYwMumiCwIBAg==
+-----END DH PARAMETERS-----
diff --git a/config/sys.config b/config/sys.config
index b6984ca6babc13074b832686241109d7072a1447..d537bfef3cf0b948dc55f32d72080feced83e423 100644
--- a/config/sys.config
+++ b/config/sys.config
@@ -48,6 +48,7 @@
         {api_listeners, 100},
         {hijack_port, 8083},
         {hijack_listeners, 100},
+        {hijack_cert, "config/localhost.pem"},
         {consul_url, "http://127.0.0.1:8500"},
         {cache_size, 1024},
         {loglevel, info},
diff --git a/config/test-sys.config b/config/test-sys.config
index 1d192ff8a3733d37632edd5d6fcacf1bdcb021b2..6628c229a499d00750b4cf0f3a6b3ea58989f8b4 100644
--- a/config/test-sys.config
+++ b/config/test-sys.config
@@ -43,6 +43,7 @@
         {api_listeners, 100},
         {hijack_port, 8083},
         {hijack_listeners, 100},
+        {hijack_cert, "config/localhost.pem"},
         {consul_urls, "http://127.0.0.1:8500"},
         {cache_size, 1024},
         {loglevel, info},