diff --git a/CHANGES.md b/CHANGES.md index 2d075c4cf..1df64b9be 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -24,7 +24,7 @@ - Update: JoinMarket v0.9.8 [details](https://github.com/JoinMarket-Org/joinmarket-clientserver/releases/tag/v0.9.8) - Update: JoininBox v0.7.4 [details](https://github.com/openoms/joininbox/releases/tag/v0.7.3) - Update: Balance of Satoshis 13.6.0 (BOS) [details](https://github.com/alexbosworth/balanceofsatoshis/blob/master/CHANGELOG.md#1360) -- Update: Circuitbreaker v0.3.2 [details](https://github.com/lightningequipment/circuitbreaker/blob/master/README.md) +- Update: Circuitbreaker with webUI [details](https://github.com/lightningequipment/circuitbreaker/blob/master/README.md) - Fixed: SCB/Emergency-Backup to USB drive (now also with CLN emergency.recover file) - Info: Run RaspiBlitz on Proxmox [details](https://github.com/rootzoll/raspiblitz/tree/dev/alternative.platforms/Proxmox) - Info: IP2Tor unavailable & deactivated in SSH menus [details](https://github.com/rootzoll/raspiblitz/issues/3417#issuecomment-1310303480) diff --git a/home.admin/00mainMenu.sh b/home.admin/00mainMenu.sh index bb5caae15..11d469f73 100755 --- a/home.admin/00mainMenu.sh +++ b/home.admin/00mainMenu.sh @@ -1,5 +1,5 @@ #!/bin/bash - + echo "Starting the main menu ..." # MAIN MENU AFTER SETUP @@ -158,7 +158,7 @@ if [ "${homer}" == "on" ]; then CHOICE_HEIGHT=$((CHOICE_HEIGHT+1)) fi if [ "${circuitbreaker}" == "on" ]; then - OPTIONS+=(CIRCUIT "Circuitbreaker (LND firewall)") + OPTIONS+=(CIRCUITBREAKER "Circuitbreaker (LND firewall)") fi if [ "${tallycoinConnect}" == "on" ]; then OPTIONS+=(TALLY "Tallycoin Connect") @@ -286,7 +286,7 @@ case $CHOICE in ;; LIGHTNINGTIPBOT) /home/admin/config.scripts/bonus.lightningtipbot.sh menu - ;; + ;; LOOP) /home/admin/config.scripts/bonus.loop.sh menu ;; @@ -329,7 +329,6 @@ case $CHOICE in HELIPAD) sudo /home/admin/config.scripts/bonus.helipad.sh menu ;; - SQUEAKNODE) /home/admin/config.scripts/bonus.squeaknode.sh menu ;; 
@@ -339,7 +338,7 @@ case $CHOICE in CHANTOOLS) sudo /home/admin/config.scripts/bonus.chantools.sh menu ;; - CIRCUIT) + CIRCUITBREAKER) sudo /home/admin/config.scripts/bonus.circuitbreaker.sh menu ;; TESTNETS) diff --git a/home.admin/assets/nginx/sites-available/circuitbreaker_ssl.conf b/home.admin/assets/nginx/sites-available/circuitbreaker_ssl.conf new file mode 100644 index 000000000..d2d958191 --- /dev/null +++ b/home.admin/assets/nginx/sites-available/circuitbreaker_ssl.conf @@ -0,0 +1,21 @@ +## circuitbreaker_ssl.conf + +server { + listen 9236 ssl http2; + listen [::]:9236 ssl http2; + server_name _; + + include /etc/nginx/snippets/ssl-params.conf; + include /etc/nginx/snippets/ssl-certificate-app-data.conf; + + include /etc/nginx/snippets/gzip-params.conf; + + access_log /var/log/nginx/access_circuitbreaker.log; + error_log /var/log/nginx/error_circuitbreaker.log; + + location / { + proxy_pass http://127.0.0.1:9235; + + include /etc/nginx/snippets/ssl-proxy-params.conf; + } +} diff --git a/home.admin/config.scripts/bonus.circuitbreaker.sh b/home.admin/config.scripts/bonus.circuitbreaker.sh index 2433ddfb1..3edc8313f 100755 --- a/home.admin/config.scripts/bonus.circuitbreaker.sh +++ b/home.admin/config.scripts/bonus.circuitbreaker.sh @@ -1,8 +1,8 @@ #!/bin/bash # https://github.com/lightningequipment/circuitbreaker/releases -pinnedVersion="v0.3.2" -# the commits are not signed +# https://github.com/lightningequipment/circuitbreaker/commits/master +pinnedVersion="e223938d983b756b3893880f3b3bf77e624a9f00" # command info if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then 
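Review bot: The new `server` block in circuitbreaker_ssl.conf proxies every request on 9236 to `http://127.0.0.1:9235` with no access control in `location /`. The `sudo ufw allow 9236` rule added in the later bonus.circuitbreaker.sh hunk opens that port to any source address. If the Circuitbreaker web UI has no login of its own (not visible in this diff, so please confirm), anyone who can reach the node could view and change the channel limits. Consider restricting the location to local clients, for example `allow <LAN_CIDR>; deny all;`, or adding `auth_basic`. A comment at the top of the file stating what protects the UI would also help.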
@@ -16,10 +16,37 @@ if [ $# -eq 0 ] || [ "$1" = "-h" ] || [ "$1" = "-help" ]; then exit 1 fi +PGPsigner="web-flow" +PGPpubkeyLink="https://github.com/${PGPsigner}.gpg" +PGPpubkeyFingerprint="4AEE18F83AFDEB23" + +# PGPsigner="joostjager" +# PGPpubkeyLink="https://github.com/${PGPsigner}.gpg" +# PGPpubkeyFingerprint="B9A26449A5528325" + source /mnt/hdd/raspiblitz.conf isInstalled=$(sudo ls /etc/systemd/system/circuitbreaker.service 2>/dev/null | grep -c 'circuitbreaker.service') +# show info menu +if [ "$1" = "menu" ]; then + # get network info + localip=$(hostname -I | awk '{print $1}') + fingerprint=$(openssl x509 -in /mnt/hdd/app-data/nginx/tls.cert -fingerprint -noout | cut -d"=" -f2) + + # info without Tor + whiptail --title " Circuit Breaker" --msgbox "Open in your local web browser & accept self-signed cert: +https://${localip}:9236\n +SHA1 Thumb/Fingerprint: +${fingerprint}\n +To follow the logs use the command: +sudo journalctl -fu circuitbreaker +" 14 63 + + echo "please wait ..." + exit 0 +fi + # switch on if [ "$1" = "menu" ]; then if [ ${isInstalled} -eq 1 ]; then 
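Review bot: `PGPsigner="web-flow"` checks the commit against GitHub's own web-flow key, which shows only that the commit was created through github.com (web editor or merge button), not that a Circuitbreaker maintainer signed it. That is a weaker guarantee than the commented-out `joostjager` signer, and it deserves a comment such as `# web-flow = GitHub's signing key: proves the commit was made via github.com, not who authored it`. `PGPpubkeyFingerprint="4AEE18F83AFDEB23"` is a 16-hex-digit key ID rather than a full fingerprint; how blitz.git-verify.sh compares it is not visible here, but a full 40-hex-digit fingerprint would be the safer pin. Separately, the new `if [ "$1" = "menu" ]` block always ends in `exit 0`, so the existing `# switch on` menu block right after it (it continues past this hunk) can no longer run, and the dialog shows the URL even when `isInstalled` is 0.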
@@ -67,23 +94,15 @@ if [ "$1" = "1" ] || [ "$1" = "on" ]; then sudo /usr/sbin/usermod --append --groups lndadmin circuitbreaker # install from source - cd /home/circuitbreaker + cd /home/circuitbreaker || exit 1 sudo -u circuitbreaker git clone https://github.com/lightningequipment/circuitbreaker.git - cd circuitbreaker + cd circuitbreaker || exit 1 sudo -u circuitbreaker git reset --hard $pinnedVersion - sudo -u circuitbreaker /usr/local/go/bin/go install ./... || exit 1 - ################## - # config - ################## - echo - echo "# Setting the example configuration from:" - echo "# https://github.com/lightningequipment/circuitbreaker/blob/$pinnedVersion/circuitbreaker-example.yaml" - echo "# Find it at: /home/circuitbreaker/.circutbreaker/circuitbreaker.yaml" - echo - sudo -u circuitbreaker mkdir /home/circuitbreaker/.circuitbreaker 2>/dev/null - sudo -u circuitbreaker cp circuitbreaker-example.yaml \ - /home/circuitbreaker/.circuitbreaker/circuitbreaker.yaml + sudo -u circuitbreaker /home/admin/config.scripts/blitz.git-verify.sh \ + "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1 + + sudo -u circuitbreaker /usr/local/go/bin/go install ./... || exit 1 # make systemd service # sudo nano /etc/systemd/system/circuitbreaker.service 
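Review bot: `sudo -u circuitbreaker git reset --hard $pinnedVersion` has no failure check, so if the pinned commit cannot be resolved the tree stays at whatever `git clone` checked out. The new blitz.git-verify.sh call and `go install ./...` would then run against that HEAD instead of the pin. Because the signer is the generic web-flow key, a signed branch tip would presumably still pass verification. Quote the variable and stop on failure: `sudo -u circuitbreaker git reset --hard "$pinnedVersion" || exit 1`, and give the `git clone` line the same `|| exit 1`. The enclosing `on` branch starts and ends outside this hunk.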
@@ -114,14 +133,22 @@ WantedBy=multi-user.target sudo systemctl enable circuitbreaker echo "# OK - the circuitbreaker.service is now enabled" - else + else echo "# The circuitbreaker.service is already installed." fi - # setting value in raspi blitz config - /home/admin/config.scripts/blitz.conf.sh set circuitbreaker "on" + ################## + # NGINX + ################## + # setup nginx symlinks + if ! [ -f /etc/nginx/sites-available/circuitbreaker_ssl.conf ]; then + sudo cp /home/admin/assets/nginx/sites-available/circuitbreaker_ssl.conf /etc/nginx/sites-available/circuitbreaker_ssl.conf + fi + sudo ln -sf /etc/nginx/sites-available/circuitbreaker_ssl.conf /etc/nginx/sites-enabled/ + sudo nginx -t + sudo systemctl reload nginx - isInstalled=$(sudo -u circuitbreaker /home/circuitbreaker/go/bin/circuitbreaker --version | grep -c "circuitbreaker version") + isInstalled=$(sudo -u circuitbreaker /home/circuitbreaker/go/bin/circuitbreaker --version | grep -c "circuitbreakerd version") if [ ${isInstalled} -eq 1 ]; then echo 
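Review bot: The exit status of `sudo nginx -t` is ignored, so when the config test fails the script still runs `sudo systemctl reload nginx` and leaves the new symlink in sites-enabled. A later full nginx restart could then fail for every site served by this nginx, not just Circuitbreaker. Roll back on failure, for example `if ! sudo nginx -t; then sudo rm -f /etc/nginx/sites-enabled/circuitbreaker_ssl.conf; exit 1; fi`. The `if ! [ -f /etc/nginx/sites-available/circuitbreaker_ssl.conf ]` guard also means a corrected version of the asset is never copied over an existing file, so later hardening of the site config would not reach nodes that already installed it. The surrounding `on` branch extends outside this hunk.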
@@ -138,35 +165,43 @@ WantedBy=multi-user.target echo "# Failed to install circuitbreaker " exit 1 fi - + + # setting value in raspi blitz config + /home/admin/config.scripts/blitz.conf.sh set circuitbreaker "on" + + sudo ufw allow 9236 comment circuitbreaker_https + exit 0 fi # switch off if [ "$1" = "0" ] || [ "$1" = "off" ]; then + echo "# Removing the user and it's home directory" + sudo userdel -rf circuitbreaker 2>/dev/null + if [ ${isInstalled} -eq 1 ]; then echo "# Removing the circuitbreaker.service" sudo systemctl stop circuitbreaker sudo systemctl disable circuitbreaker sudo rm /etc/systemd/system/circuitbreaker.service - echo "# Removing the user and it's home directory" - sudo userdel -rf circuitbreaker 2>/dev/null - echo "# OK, Circuit Breaker is removed." + echo "# OK, circuitbreaker.service is removed." else - echo "# Circuit Breaker is not installed." + echo "# circuitbreaker.service is not installed." fi # setting value in raspiblitz.conf /home/admin/config.scripts/blitz.conf.sh set circuitbreaker "off" + sudo ufw delete allow 9236 + exit 0 fi # update if [ "$1" = "update" ]; then echo "# Updating Circuit Breaker" - cd /home/circuitbreaker/circuitbreaker + cd /home/circuitbreaker/circuitbreaker || exit 1 # from https://github.com/apotdevin/thunderhub/blob/master/scripts/updateToLatest.sh # fetch latest master sudo -u circuitbreaker git fetch 
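Review bot: The `off` branch never removes `/etc/nginx/sites-enabled/circuitbreaker_ssl.conf`, so after uninstall nginx keeps listening on 9236 and proxying to a dead upstream, and only the ufw rule is deleted. Add `sudo rm -f /etc/nginx/sites-enabled/circuitbreaker_ssl.conf` followed by `sudo nginx -t && sudo systemctl reload nginx` before the `blitz.conf.sh set circuitbreaker "off"` line. The move of `sudo userdel -rf circuitbreaker` above the `isInstalled` check also deletes the user and its home directory while circuitbreaker.service may still be running as that user; keep the userdel unconditional if that was the intent, but run it after `sudo systemctl stop circuitbreaker`. The open-to-any-source `sudo ufw allow 9236` in the `on` branch is covered in the note on the nginx site file.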
@@ -190,16 +225,12 @@ if [ "$1" = "update" ]; then echo "# Pulling latest changes..." sudo -u circuitbreaker git pull -p sudo -u circuitbreaker git reset --hard $TAG + + #TODO PGP verification on update + echo "# Installing the version: $TAG" sudo -u circuitbreaker /usr/local/go/bin/go install ./... || exit 1 echo - echo "# Setting the example configuration from:" - echo "# https://github.com/lightningequipment/circuitbreaker/blob/$TAG/circuitbreaker-example.yaml" - echo "# Find it at: /home/circuitbreaker/.circutbreaker/circuitbreaker.yaml" - sudo -u circuitbreaker mkdir /home/circuitbreaker/.circuitbreaker 2>/dev/null - sudo -u circuitbreaker cp circuitbreaker-example.yaml \ - /home/circuitbreaker/.circuitbreaker/circuitbreaker.yaml - echo echo "# Updated to version" $TAG echo echo "# Starting the circuitbreaker service ... " @@ -210,4 +241,4 @@ fi echo "# FAIL - Unknown Parameter $1" echo "# may need reboot to run normal again" -exit 1 \ No newline at end of file +exit 1
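Review bot: The `update` path builds and installs unverified code: after `git pull -p` and `git reset --hard $TAG` the hunk adds only `#TODO PGP verification on update` before `go install ./...`, while the install path now refuses to build without a passing signature check. Until the TODO is resolved, an update silently drops the guarantee that the install established. Reuse the call from the `on` branch before the build: `sudo -u circuitbreaker /home/admin/config.scripts/blitz.git-verify.sh "${PGPsigner}" "${PGPpubkeyLink}" "${PGPpubkeyFingerprint}" || exit 1`. How `$TAG` is chosen lies outside this hunk; if it can be something other than a reviewed commit, the update also moves the node off `pinnedVersion`, which is worth a comment.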