As I was installing a certificate to our investors VPS, I had to follow some steps. Wrote them down for future use, but maby somebody else can use it.

Step 1 – Set stronger encryption|
Open /etc/nginx/nginx.conf and add the following lines of code at the end of the file.

;ssl_prefer_server_ciphers On;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;


Step 2 – Redirect all HTTP traffic to HTTPS

Make sure that your server redirects all trafic that comes on HTTP to HTTPS. This step is optional.

server {
listen 80;
return 301 https://$server_name$request_uri;


Step 3 – Enable HSTS
Find /etc/nginx/sites-available/-default and place a line in the server{}

server {

listen 443 ssl default deferred;


# config to enable HSTS(HTTP Strict Transport Security)

add_header Strict-Transport-Security "max-age=63072000; includeSubdomains;";




Step 4 – Add certificate
Now add the codes and / or the root and intermediate codes you recieved to your ssl config file /etc/nginx/ssl/server.crt

Step 5 – Restart Nginx

sudo /etc/init.d/nginx restart

Thats all folks, it should work now :)