diff --git a/server/webhook-ingest/compose.yaml b/server/webhook-ingest/compose.yaml
index b53abc58..9915328c 100644
--- a/server/webhook-ingest/compose.yaml
+++ b/server/webhook-ingest/compose.yaml
@@ -4,7 +4,7 @@ services:
     ports:
       - "4200"
     environment:
-      - NATS_URL=nats://nats-server:4222
+      - NATS_URL=tls://nats-server:4222
       - SECRET=${SECRET}
     depends_on:
       - nats-server
@@ -16,9 +16,13 @@ services:
     ports:
       - "4222:4222"
     command: ["--config", "/etc/nats/nats-server.conf"]
+    environment:
+      - TLS_CERT_FILE
+      - TLS_KEY_FILE
     volumes:
       - nats_data:/data
       - ./nats-server.conf:/etc/nats/nats-server.conf
+      - /etc/letsencrypt:/etc/letsencrypt:ro
     networks:
       - common-network
 
diff --git a/server/webhook-ingest/nats-server.conf b/server/webhook-ingest/nats-server.conf
index 6cc4418e..1a826abd 100644
--- a/server/webhook-ingest/nats-server.conf
+++ b/server/webhook-ingest/nats-server.conf
@@ -3,3 +3,9 @@ listen: "0.0.0.0:4222"
 jetstream {
   store_dir: "/data"
 }
+
+tls {
+  cert_file: $TLS_CERT_FILE
+  key_file: $TLS_KEY_FILE
+  verify_and_map: true
+}
\ No newline at end of file