To make sure that your visitors always will be using an secured connection to your website, you have to redirect visitors that are making the first connection via HTTP. Here we make use of the permanent HTTP redirect code (HTTP status 301).
The following steps describe the configuration of Nginx to have the website loaded completely over HTTPS. Please read our background information on Securing your complete website with SSL
Configuring HTTPS per website
To comply with the specs you should first redirect visitors entering via HTTP to HTTPS. We need to configure this per worker (website), the configuration file for your site probably sits in /etc/nginx/sites-available/.
server {
listen 80;
server_name www.servercertificates.com;
return 301 https://$server_name$request_uri;
}Note that the server_name needs to be changed to your own domainname and the HTTPS version of your site is available, before creating the redirect.