diff --git a/app/models/concerns/external_user.rb b/app/models/concerns/external_user.rb
index 7ce6f3c..8f61cda 100644
--- a/app/models/concerns/external_user.rb
+++ b/app/models/concerns/external_user.rb
@@ -18,10 +18,13 @@ module ExternalUser
   module ClassMethods
     def webfinger_lookup(login, domain, environment)
       if login && domain && environment.has_federated_network?(domain)
-        url = URI.parse('https://'+ domain +'/.well-known/webfinger?resource=acct:'+
+        external_environment = environment.external_environments.find_by_url(domain)
+        scheme = "http#{external_environment.uses_ssl? ? 's' : ''}"
+        url = URI.parse(scheme+"://"+ domain +'/.well-known/webfinger?resource=acct:'+
                          login+'@'+domain)
+        http = build_request(url)
         req = Net::HTTP::Get.new(url.to_s)
-        res = Net::HTTP.start(url.host, url.port) { |http| http.request(req) }
+        res = http.request(req)
         JSON.parse(res.body)
       else
         nil
@@ -48,7 +51,9 @@ module ExternalUser
       result = nil
       response = nil
       redirections_allowed = 3
-      location = 'http://' + domain + '/api/v1/login'
+      external_environment = ExternalEnvironment.find_by_url(domain)
+      scheme = "http#{external_environment.uses_ssl? ? 's' : ''}"
+      location = scheme + '://' + domain + '/api/v1/login'
       request_params = CGI.unescape({ login: login, password: password }.to_query)
       begin
         while redirections_allowed > 0 && (response.blank? || response.code == '301')
diff --git a/app/models/external_environment.rb b/app/models/external_environment.rb
index aa05e7e..5bb0b2a 100644
--- a/app/models/external_environment.rb
+++ b/app/models/external_environment.rb
@@ -6,4 +6,9 @@ class ExternalEnvironment < ActiveRecord::Base
 
   has_many :environment_external_environments, dependent: :destroy
   has_many :environments, through: :environment_external_environments
+
+  def uses_ssl?
+    url.starts_with? 'https'
+  end
+
 end
--
libgit2 0.21.2