This action sets the SSL/TLS certificate to use in the secure WebSocket server.

It takes three parameters:

    1. Certificate chain file path – on disk or in Binary Data's embedded files.
  1. Private key file path – on disk or in Binary Data's embedded files.
  2. Password of private key file, if any.
    Password protection on private-key files only secure the private key file from being copied from the server's hard drive; the password protection doesn't change anything about the secure connections.
    (Password-protected private key support is coded into Blue, but has not yet been tested.
    Report the problem if you cannot use a password-protected file, but can use the same private key if you remove the password protection.)


You must have a certificate loaded to host WebSocket securely, as the certificate is what secures connections.

To get certificates, refer to Guides > Hosting a server > Hosting a WebSocket server. Certificates are usually free, but have several steps to obtain.


You can supply either two PEM files, or on Windows you can also supply one PFX file.

Other formats may work, but this is not guaranteed.

If you are using a PFX file format (PKCS #12), and merging the private key and certificate chain into one PFX, you should pass "" as the second file. Repeating the file path for the second file is also allowed.