SSL certificates

Godot includes SSL certificates from Mozilla, but you can provide your own with a .crt file in the project settings:

This file should contain any number of public certificates in .

Of course, remember to add .crt as filter so the exporter recognizes this when exporting your project.

There are two ways to obtain certificates:

The first approach is the simplest: generate a private and public key pair and add the public key (in PEM format) to the .crt file. The private key should go to your server.

OpenSSL has some documentation about this. This approach also does not require domain validation nor requires you to spend a considerable amount of money in purchasing certificates from a CA.

The second approach consists of using a certificate authority (CA) such as Verisign, Geotrust, etc. This is a more cumbersome process, but it’s more “official” and ensures your identity is clearly represented.

Also, when using a CA issued cert, you must enable domain validation, to ensure the domain you are connecting to is the one intended, otherwise any website can issue any certificate in the same CA and it will work.

If you are using Linux, you can use the supplied certs file, generally located in:

This file allows HTTPS connections to virtually any website (i.e., Google, Microsoft, etc.).

Or pick any of the more specific certificates there if you are connecting to a specific one.