Install Ollama for Windows
Open Windows PowerShell as Administrator
Set Ollama to listen on all interfaces
`setx OLLAMA_HOST “0.0.0.0:11434” /M`
Restart the Ollama service or app
Confirm Ollama is reachable on HTTP locally
`curl http://localhost:11434/api/tags`
Install a reverse proxy with HTTPS support
Caddy
Nginx
Traefik
Create a local TLS certificate
Use `mkcert`
Or use a certificate from your internal CA
Install `mkcert`
Create and trust a local CA
`mkcert -install`
Generate a certificate for your hostname
`mkcert ollama.local`
Configure Caddy for HTTPS reverse proxy
`ollama.local {`
`reverse_proxy 127.0.0.1:11434`
`}`
Save the Caddy config as `Caddyfile`
Start Caddy as Administrator
`caddy run`
Map the hostname to localhost
Edit `C:WindowsSystem32driversetchosts`
Add `127.0.0.1 ollama.local`
Open the HTTPS endpoint
`https://ollama.local`
If using Nginx, configure TLS termination and proxy to `127.0.0.1:11434`
If using Traefik, configure an HTTPS router and service pointing to `127.0.0.1:11434`
Allow ports in Windows Firewall
11434 for local proxy backend
443 for HTTPS access
Verify HTTPS access
`curl https://ollama.local/api/tags`
If certificate trust fails, import the CA into Windows Trusted Root Certification Authorities
If Ollama must be accessed remotely, bind to `0.0.0.0` and restrict access with firewall rules
Keep Ollama on HTTP internally and terminate HTTPS at the reverse proxy
Do not expose Ollama directly to the internet without authentication and firewall protection