diff --git a/perl5/PVE/Storage/LunCmd/FreeNAS.pm b/perl5/PVE/Storage/LunCmd/FreeNAS.pm
index 3612ab0..3332791 100644
--- a/perl5/PVE/Storage/LunCmd/FreeNAS.pm
+++ b/perl5/PVE/Storage/LunCmd/FreeNAS.pm
@@ -4,6 +4,7 @@ use strict;
 use warnings;
 use Data::Dumper;
 use PVE::SafeSyslog;
+use IO::Socket::SSL;
 
 use REST::Client;
 use MIME::Base64;
@@ -204,11 +205,18 @@ sub run_delete_lu {
 sub freenas_api_call {
     my ($scfg, $method, $path, $data) = @_;
     my $client = undef;
+    my $scheme = 'http';
 
     $client = REST::Client->new();
-    $client->setHost('http://'.  $scfg->{portal});
+    if ($scfg->{freenas_use_ssl}) {
+        $scheme = 'https';
+    }
+    $client->setHost($scheme . '://'.  $scfg->{portal});
     $client->addHeader('Content-Type'  , 'application/json');
     $client->addHeader('Authorization' , 'Basic ' . encode_base64(  $scfg->{freenas_user} . ':' .  $scfg->{freenas_password}));
+    # don't verify SSL certs
+    $client->getUseragent()->ssl_opts(verify_hostname => 0);
+    $client->getUseragent()->ssl_opts(SSL_verify_mode => SSL_VERIFY_NONE );
 
     if ($method eq 'GET') {
         $client->GET($path);
diff --git a/perl5/PVE/Storage/ZFSPlugin.pm.patch b/perl5/PVE/Storage/ZFSPlugin.pm.patch
index 670be7a..d8e218e 100644
--- a/perl5/PVE/Storage/ZFSPlugin.pm.patch
+++ b/perl5/PVE/Storage/ZFSPlugin.pm.patch
@@ -35,7 +35,7 @@
          } elsif ($scfg->{iscsiprovider} eq 'istgt') {
              $msg = PVE::Storage::LunCmd::Istgt::run_lun_command($scfg, $timeout, $method, @params);
          } elsif ($scfg->{iscsiprovider} eq 'iet') {
-@@ -173,6 +178,14 @@
+@@ -173,6 +178,18 @@
  	    description => "iscsi provider",
  	    type => 'string',
  	},
@@ -46,16 +46,21 @@
 +	freenas_password => {
 +	    description => "FreeNAS API Password",
 +	    type => 'string',
++	},
++	freenas_use_ssl => {
++	    description => "FreeNAS API access via SSL",
++	    type => 'boolean',
 +	},
  	# this will disable write caching on comstar and istgt.
  	# it is not implemented for iet. iet blockio always operates with
  	# writethrough caching when not in readonly mode
-@@ -204,6 +217,8 @@
+@@ -204,6 +221,9 @@
  	sparse => { optional => 1 },
  	comstar_hg => { optional => 1 },
  	comstar_tg => { optional => 1 },
 +	freenas_user => { optional => 1 },
 +	freenas_password => { optional => 1 },
++	freenas_use_ssl => { optional => 1 },
  	content => { optional => 1 },
  	bwlimit => { optional => 1 },
      };
diff --git a/pve-docs/api-viewer/apidoc.js.patch b/pve-docs/api-viewer/apidoc.js.patch
index fa0703d..346ad80 100644
--- a/pve-docs/api-viewer/apidoc.js.patch
+++ b/pve-docs/api-viewer/apidoc.js.patch
@@ -1,6 +1,6 @@
 --- /usr/share/pve-docs/api-viewer/apidoc.js.orig	2018-06-04 12:08:17.416780601 +0800
 +++ /usr/share/pve-docs/api-viewer/apidoc.js	2018-06-04 12:07:28.073832212 +0800
-@@ -27549,6 +27549,18 @@
+@@ -27549,6 +27549,24 @@
                             "type" : "string",
                             "typetext" : "<string>"
                          },
@@ -15,15 +15,20 @@
 +                           "optional" : 1,
 +                           "type" : "string",
 +                           "typetext" : "<string>"
++                        },
++                        "freenas_use_ssl" : {
++                           "description" : "FreeNAS API access via SSL",
++                           "optional" : 1,
++                           "type" : "boolean",
++                           "typetext" : "<boolean>"
 +                        },
                          "content" : {
                             "description" : "Allowed content types.\n\nNOTE: the value 'rootdir' is used for Containers, and value 'images' for VMs.\n",
                             "format" : "pve-storage-content-list",
-@@ -27895,6 +27907,18 @@
-                      "optional" : 1,
+@@ -27896,6 +27914,24 @@
                       "type" : "string",
                       "typetext" : "<string>"
-+                  },
+                   },
 +                  "freenas_user" : {
 +                     "description" : "FreeNAS user for API calls",
 +                     "optional" : 1,
@@ -35,6 +40,13 @@
 +                     "optional" : 1,
 +                     "type" : "string",
 +                     "typetext" : "<string>"
-                   },
++                  },
++                  "freenas_use_ssl" : {
++                     "description" : "FreeNAS API access via SSL",
++                     "optional" : 1,
++                     "type" : "boolean",
++                     "typetext" : "<boolean>"
++                  },
                    "content" : {
                       "description" : "Allowed content types.\n\nNOTE: the value 'rootdir' is used for Containers, and value 'images' for VMs.\n",
+                      "format" : "pve-storage-content-list",
diff --git a/pve-manager/js/pvemanagerlib.js.patch b/pve-manager/js/pvemanagerlib.js.patch
index d47248b..394c485 100644
--- a/pve-manager/js/pvemanagerlib.js.patch
+++ b/pve-manager/js/pvemanagerlib.js.patch
@@ -8,7 +8,7 @@
  	[ 'istgt', 'istgt'],
  	[ 'iet', 'IET']
      ]
-@@ -27343,6 +27344,13 @@
+@@ -27343,6 +27344,27 @@
  		value: '',
  		fieldLabel: gettext('Target group'),
  		allowBlank: true
@@ -19,13 +19,6 @@
 +		value: '',
 +		fieldLabel: gettext('FreeNAS User'),
 +		allowBlank: true
- 	    }
- 	];
- 
-@@ -27374,6 +27382,13 @@
- 		value: '',
- 		fieldLabel: gettext('Host group'),
- 		allowBlank: true
 +	    },
 +	    {
 +		xtype: me.isCreate ? 'textfield' : 'displayfield',
@@ -33,6 +26,13 @@
 +		value: '',
 +		fieldLabel: gettext('FreeNAS Password'),
 +		allowBlank: true
++	    },
++	    {
++		xtype: 'proxmoxcheckbox',
++		name: 'freenas_use_ssl',
++		checked: false,
++		uncheckedValue: 0,
++		fieldLabel: gettext('FreeNAS API use SSL')
  	    }
  	];