diff --git a/133-enable-ssl-for-metrics-reporter.md b/133-enable-ssl-for-metrics-reporter.md
new file mode 100644
index 00000000..dead2b94
--- /dev/null
+++ b/133-enable-ssl-for-metrics-reporter.md
@@ -0,0 +1,67 @@
+# Enable SSL for Metrics Reporter
+
+This proposal is to enable SSL for the Metrics Reporter in Strimzi.
+This would allow for exporting metrics over HTTPs.
+
+## Current situation
+
+The current metrics reporter in Strimzi does not support SSL, which means that metrics are exported over HTTP.
+This can be a security concern in some environments, as it allows for potential interception of sensitive data.
+
+## Motivation
+
+Enabling SSL for the Metrics Reporter would provide an additional layer of security for users who need to export metrics over HTTPs.
+This would allow for secure communication between the Metrics Reporter and any monitoring tools that are consuming the metrics, such as Prometheus or Grafana.
+Additionally, it would align with best practices for securing data in transit, especially in environments where sensitive information may be included in the metrics.
+
+## Proposal
+
+I propose to add support for SSL in the Metrics Reporter by allowing users to configure SSL settings, such as providing PEM file and certificates.
+This would involve updating the Metrics Reporter to use an HTTPs server instead of an HTTP server, and ensuring that the necessary SSL configurations are properly handled.
+
+### Configurations
+
+We will start by adding new configuration options for the Metrics Reporter, such as:
+- `prometheus.metrics.reporter.listener`: if set to an address starting with `https://`, the Metrics Reporter will use an HTTPs server instead of an HTTP server.
+- `prometheus.metrics.reporter.listener.ssl.keystore.certificate.location`: The path of the PEM file containing the certificate/certificate chain for the keystore.
+- `prometheus.metrics.reporter.listener.ssl.keystore.key.location`: Inline PEM certificate or certificate chain as a string.
+- `prometheus.metrics.reporter.listener.ssl.keystore.certificate.chain`: The certificate chain in PEM format.
+- `prometheus.metrics.reporter.listener.ssl.keystore.key`: Inline PEM key as a string.
+- `prometheus.metrics.reporter.listener.ssl.enabled.protocols`: Comma separated list of enabled secure transport protocols.
+- `prometheus.metrics.reporter.listener.ssl.enabled.cipher.suites`: Comma separated list of cipher suites that the server will support.
+
+When SSL is enabled, the Metrics Reporter will use the provided settings to establish secure connections with clients.
+The implementation will ensure that the necessary SSL configurations are properly handled, and that the Metrics Reporter can still function as expected when SSL is enabled.
+
+Kafka already has support for SSL, so one would suggest reusing the existing SSL config options for the Metrics Reporter.
+However, I trust that the metrics reporter should have its own set of SSL config options.
+This is because it can have different requirements and configurations than the Kafka components, and it allows for more flexibility in how SSL is configured for the Metrics Reporter specifically.
+Additionally, it would avoid any potential conflicts or confusion that could arise from sharing SSL config options between the Metrics Reporter and Kafka components.
+
+### Implementation
+
+We will start the implementation by adding the support of the new configuration options for SSL in the metric reporter.
+
+Prometheus HttpServer will be modified with a HttpsConfigurator that will be responsible for configuring the SSL settings based on the provided configuration options.
+This will involve setting up the SSL context, loading the keys and certificates, and later configuring the HTTPs server to use the SSL context for secure communication.
+
+The implementation will also include error handling to ensure that any issues with SSL configuration are properly logged and do not cause the Metrics Reporter to fail unexpectedly.
+Additionally, we will ensure that the Metrics Reporter can still function as expected when SSL is enabled, and that it can handle either HTTP and HTTPs requests based on the configuration provided by the user.
+
+## Affected/not affected projects
+
+Primarily, this change will affect the metrics reporter.
+This proposal does not cover configuring SSL from the Strimzi Operators, when the Metrics Reporter is used in a Strimzi deployment.
+Such implementation shall be covered in a separate proposal.
+
+## Compatibility
+
+This proposal is designed to be backward compatible, as it will not change the existing behavior of the Metrics Reporter when SSL is not enabled.
+Users who do not wish to use SSL can continue to use the Metrics Reporter as they currently do, while those who want to enable SSL can do so by providing the necessary configuration options.
+Users already using the Metrics Reporter will not be affected by this change, as it will only impact those who choose to enable SSL.
+
+## Rejected alternatives
+
+Not rejected, but considered alternatives include making use of Firewalls and API Gateways to secure the communication between the Metrics Reporter and monitoring tools.
+However, these alternatives would require additional and complex configuration, and may not be feasible for all users.
+Enabling SSL directly in the Metrics Reporter provides a more straightforward and integrated solution for securing metrics export and is more industrial standard for securing data in transit.
\ No newline at end of file