diff --git a/scripts/install_native.sh b/scripts/install_native.sh
index c7f30a4..cced35a 100755
--- a/scripts/install_native.sh
+++ b/scripts/install_native.sh
@@ -304,12 +304,22 @@ if [ "$ENABLE_MONITORING" = true ] && [ "$USE_EXISTING_MONITORING" = false ]; th
 elif [ "$USE_EXISTING_MONITORING" = true ]; then
     MONITORING_FLAG="--use-existing-monitoring"
 fi
-./scripts/setup_systemd.sh $MONITORING_FLAG --skip-build --domain "$DOMAIN" --email "$EMAIL" $([ "$SKIP_SSL" = true ] && echo "--skip-ssl")
+./scripts/setup_systemd.sh $MONITORING_FLAG --skip-build
 
 # Step 4: Configure cache (in-memory LRU - no Redis needed)
 echo "🧠 Gateway uses in-memory LRU cache (no Redis required)"
 
-# Step 5: Setup monitoring (if requested)
+# Step 5: Setup SSL/HTTPS (if domain and email provided)
+if [ -n "$DOMAIN" ] && [ -n "$EMAIL" ] && [ "$SKIP_SSL" = false ]; then
+    echo "🔒 Setting up SSL certificate for $DOMAIN..."
+    certbot --nginx --non-interactive --agree-tos --email "$EMAIL" -d "$DOMAIN"
+    
+    # Update nginx config to use the domain
+    sed -i "s/server_name _;/server_name $DOMAIN;/" /etc/nginx/sites-available/torrent-gateway
+    systemctl reload nginx
+fi
+
+# Step 6: Setup monitoring (if requested)
 if [ "$ENABLE_MONITORING" = true ]; then
     echo "📊 Installing monitoring components..."