==Files:== ^ Directive ^ Path to Enter | | ssl_certificate | Certificate file + Intermidiate bundle path | | ssl_certificate_key | Key file path | ssl_certificate = .crt + .ca \\ ssl_certificate = 'cat Intermediate.txt >> your_domain_com.bundle' ------------ \\ To configure and redirect nginx properly and cleanly you need 3 nginx server blocks. \\ The blocks below show a site that is redirected to https://non-www.domain \\ A quick overview of these nginx blocks can be found below: server 80 -> Used to redirect Domains : ALL domains DocRoot specified: NO (: YES if site is combo of http and https) Redirect : https://domain # note non-www (: NO if site is combo of http and https) server 443 -> Used to redirect Domains : www.domain DocRoot specified: NO Redirect : https://domain # note non-www server 443 -> Delivers content Domains : ONLY non-www DocRoot specified: YES Redirect : NO \\ ------------ \\ \\ If the customers application is taking care of the redirects then we can use the following example. \\ The example below shows configuration with 2 nginx files server { listen 80; server_name www.example.co.uk example.co.uk; return 301 https://example.co.uk$request_uri; #note: this line actually forces https, you may not wish to have this, in which case you will just remove the line or comment it out } server{ listen 443; server_name example.co.uk www.example.co.uk; root /var/www/vhosts/example.co.uk; index index.html index.htm index.php; access_log /var/log/nginx/example.co.uk.access.log; error_log /var/log/nginx/example.co.uk.error.log; location / { index index.html index.htm index.php; try_files $uri $uri/ =404; } ssl on; ssl_certificate /etc/httpd/conf/ssl/ssl.crt/example.co.uk.crt; ssl_certificate_key /etc/httpd/conf/ssl/ssl.key/example.co.uk.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #used to prevent poodle attacks for outdated protocols location ~ \.php$ { include /etc/nginx/fastcgi_params; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /var/www/vhosts/example.co.uk$fastcgi_script_name; } } \\ \\