Skip to content
You are reading Hyperledger Besu development version documentation and some displayed features may not be available in the stable release. You can switch to stable version using the version box at screen bottom.
Last update: October 11, 2021

TLS communication

Hyperledger Besu supports TLS to secure client and server communication, or secure P2P communication between nodes.


To secure client and server communication, you also need to configure the client (EthSigner) or server (Tessera) for TLS.

The following diagram displays an example client and server TLS configuration.

Besu client and server TLS

You must store private keys and certificates in password-protected PKCS12 keystore files.

Use the command line options to enable and configure TLS.

Questions or feedback? You can discuss issues and obtain free support on Hyperledger Besu chat channel.
For Hyperledger Besu community support, contact the mailing list