diff --git a/client.go b/client.go
index f947cd08e..00c0cffc6 100644
--- a/client.go
+++ b/client.go
@@ -125,9 +125,9 @@ type ClientConfig struct {
 	// SwapServerNoTLS skips TLS for the swap server connection when set.
 	SwapServerNoTLS bool
 
-	// TLSPathServer is the path to the TLS certificate that is required to
-	// connect to the server.
-	TLSPathServer string
+	// TLSCertPathServer is the path to the TLS certificate that is
+	// required to connect to the server.
+	TLSCertPathServer string
 
 	// Lnd is an instance of the lnd proxy.
 	Lnd *lndclient.LndServices
diff --git a/loopd/config.go b/loopd/config.go
index 63c472690..ed9ef1518 100644
--- a/loopd/config.go
+++ b/loopd/config.go
@@ -24,6 +24,16 @@ var (
 	// LoopDirBase is the default main directory where loop stores its data.
 	LoopDirBase = btcutil.AppDataDir("loop", false)
 
+	// ApertureDirBase is the default main directory where aperture stores
+	// its data.
+	ApertureDirBase = btcutil.AppDataDir("aperture", false)
+
+	// DefaultApertureTLSCertPath is the default path to the TLS
+	// certificate that aperture creates for its proxy.
+	DefaultApertureTLSCertPath = filepath.Join(
+		ApertureDirBase, "tls.cert",
+	)
+
 	// DefaultNetwork is the default bitcoin network loop runs on.
 	DefaultNetwork = "mainnet"
 
@@ -139,8 +149,8 @@ type loopServerConfig struct {
 	Host  string `long:"host" description:"Loop server address host:port"`
 	Proxy string `long:"proxy" description:"The host:port of a SOCKS proxy through which all connections to the loop server will be established over"`
 
-	NoTLS   bool   `long:"notls" description:"Disable tls for communication to the loop server [testing only]"`
-	TLSPath string `long:"tlspath" description:"Path to loop server tls certificate [testing only]"`
+	NoTLS       bool   `long:"notls" description:"Disable tls for communication to the loop server [testing only]"`
+	TLSCertPath string `long:"tlscertpath" description:"Path to the TLS certificate for the loop server's proxy. Defaults to the aperture tls.cert in the default aperture data directory."`
 }
 
 type viewParameters struct{}
@@ -218,7 +228,8 @@ func DefaultConfig() Config {
 		RPCListen:  "localhost:11010",
 		RESTListen: "localhost:8081",
 		Server: &loopServerConfig{
-			NoTLS: false,
+			NoTLS:       false,
+			TLSCertPath: DefaultApertureTLSCertPath,
 		},
 		Tapd:            assets.DefaultTapdConfig(),
 		LoopDir:         LoopDirBase,
diff --git a/loopd/utils.go b/loopd/utils.go
index 9b439ac5a..e155feb73 100644
--- a/loopd/utils.go
+++ b/loopd/utils.go
@@ -44,7 +44,7 @@ func getClient(cfg *Config, swapDb loopdb.SwapStore,
 		ServerAddress:                        cfg.Server.Host,
 		ProxyAddress:                         cfg.Server.Proxy,
 		SwapServerNoTLS:                      cfg.Server.NoTLS,
-		TLSPathServer:                        cfg.Server.TLSPath,
+		TLSCertPathServer:                    cfg.Server.TLSCertPath,
 		Lnd:                                  lnd,
 		AssetClient:                          assets,
 		MaxL402Cost:                          btcutil.Amount(cfg.MaxL402Cost),
diff --git a/regtest/docker-compose.yml b/regtest/docker-compose.yml
index b6b6c5e0d..2a3ff5a53 100644
--- a/regtest/docker-compose.yml
+++ b/regtest/docker-compose.yml
@@ -161,7 +161,7 @@ services:
       - "--network=regtest"
       - "--debuglevel=debug"
       - "--server.host=aperture:11018"
-      - "--server.tlspath=/root/.loop/aperture-tls.cert"
+      - "--server.tlscertpath=/root/.loop/aperture-tls.cert"
       - "--lnd.host=lndclient:10009"
       - "--lnd.macaroonpath=/root/.lnd/data/chain/bitcoin/regtest/admin.macaroon"
       - "--lnd.tlspath=/root/.lnd/tls.cert"
diff --git a/sample-loopd.conf b/sample-loopd.conf
index b031201c1..2db1716a6 100644
--- a/sample-loopd.conf
+++ b/sample-loopd.conf
@@ -158,5 +158,6 @@
 ; Disable tls for communication to the loop server [testing only]
 ; server.notls=false
 
-; Path to loop server tls certificate [testing only]
-; server.tlspath=
+; Path to the TLS certificate for the loop server's proxy. Defaults to the
+; aperture tls.cert in the default aperture data directory.
+; server.tlscertpath=~/.aperture/tls.cert
diff --git a/swap_server_client.go b/swap_server_client.go
index fcec06be4..ffafe136e 100644
--- a/swap_server_client.go
+++ b/swap_server_client.go
@@ -174,7 +174,7 @@ func newSwapServerClient(cfg *ClientConfig, l402Store l402.Store) (
 	)
 	serverConn, err := getSwapServerConn(
 		cfg.ServerAddress, cfg.ProxyAddress, cfg.SwapServerNoTLS,
-		cfg.TLSPathServer, clientInterceptor,
+		cfg.TLSCertPathServer, clientInterceptor,
 	)
 	if err != nil {
 		return nil, err