diff --git a/roles/easyredmine/files/redmine.vm-rsa.pem b/roles/easyredmine/files/redmine.vm-rsa.pem
new file mode 100644
index 0000000..e7fc729
--- /dev/null
+++ b/roles/easyredmine/files/redmine.vm-rsa.pem
@@ -0,0 +1,54 @@
+-----BEGIN CERTIFICATE-----
+MIIEkDCCAngCAV4wDQYJKoZIhvcNAQELBQAwgZkxCzAJBgNVBAYTAlVTMRUwEwYD
+VQQIEwxQZW5uc3lsdmFuaWExFTATBgNVBAcTDFBoaWxhZGVscGhpYTEtMCsGA1UE
+ChMkQXBpREIgQmlvaW5mb3JtYXRpY3MgUmVzb3VyY2UgQ2VudGVyMQ4wDAYDVQQD
+EwVBcGlEQjEdMBsGCSqGSIb3DQEJARYOaGVscEBhcGlkYi5vcmcwHhcNMTUxMTIx
+MTgwNTQ0WhcNMjAxMTE5MTgwNTQ0WjCBgTELMAkGA1UEBhMCVVMxEDAOBgNVBAgM
+B0dlb3JnaWExDzANBgNVBAcMBkF0aGVuczEwMC4GA1UECgwnRXVQYXRoREIgQmlv
+aW5mb3JtYXRpY3MgUmVzb3VyY2UgQ2VudGVyMR0wGwYDVQQDDBRyZWRtaW5lLnZt
+LmFwaWRiLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANEq1+8B
+1nbX/3JtvZAK3A0p4oqM6Zqy9t3C//BjlAhiaVFSGkvr3h+S8M8KL9m4Ty4GxxP0
+1Ei7HtTyGc7/N3iiw1p+0eDcwT1SFT9p43M/pZpyq7Y0LO3XK5Pe3CN5pcTaqhEE
+NoHgul6wvgr1U8XwSo197l3XnrkS2CAHJYKX+p3BdKC+83qzd62RvzW+Yo0J8ces
+xTcNKf/bdKLhjbX3nfZsfPmVtimBlA8UyEnnUd+UVj88RPsF/tG/mrnRpd/+Z43C
+90RYLiDGyRk4y+lBUEwVtaQpiN74L4DHjvjxXCgFr94Kwx7ADNlDmF+sq2lJHvG/
+BnGjoJZg9zcsmIsCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEACtJ86trNYyXNDC+t
+d01bxdXL4TjKxVT3Pg1arJadOWr5yfm5lvBLUGweRQj0KYP1GeRlN21HkbS8d8u+
+tGRkdPS8MpCcmc+VjuiUVNeZCxSRxwNfq09x1yQVVVAoHI63roICY20wISNKtbdC
+ylguWzJrUfx56X1ys9MkenKfuINsuABdtBDJ8A/17/rNkyeZTV4OgLEp2lCzCxGo
+uW/5RmoYHoAS7d4uZO7zRu6ipScUGuZst+JsI8o1crA7rSeAsCMrK8BK5W5rntOI
+47Jc4CD1xaVh2CjMzg+JaDRoYYPlRr77pw7LSzKv7H3dKzYKbBzWxTVhfzvwSBXN
+ge6D19fNyXiXFjRQryWhTMXnadqeUWJogqDGGbHb2FNiiHajpGRP3Rl/YNjxQYvM
+PG0oc1czY83HHNHSbfr/2vuP4rUI1JLmpRfxz6TkpVrlt6zk92PjtxesXgrGKYYE
+R1dG1tzKADIYF65DgUPvlGlYSpHT8HkEXwohECtImiP6LWSMCCiM7LFlCX8N5r3j
+EUAXLhqiOblyKQLCjN923Lgcf3E6w97P8xyasOpwYCXs6Kcu/aV70SpIaEa3mgHq
+ZW3ERxyAQ8nhyGCGHGA/MV4AxahpO+I4hs2HH9SsEfIbqkKeWO08KsNONDe1WMPY
+HSPWyR36nspAshocfNhwB4qxsnA=
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEA0SrX7wHWdtf/cm29kArcDSniiozpmrL23cL/8GOUCGJpUVIa
+S+veH5Lwzwov2bhPLgbHE/TUSLse1PIZzv83eKLDWn7R4NzBPVIVP2njcz+lmnKr
+tjQs7dcrk97cI3mlxNqqEQQ2geC6XrC+CvVTxfBKjX3uXdeeuRLYIAclgpf6ncF0
+oL7zerN3rZG/Nb5ijQnxx6zFNw0p/9t0ouGNtfed9mx8+ZW2KYGUDxTISedR35RW
+PzxE+wX+0b+audGl3/5njcL3RFguIMbJGTjL6UFQTBW1pCmI3vgvgMeO+PFcKAWv
+3grDHsAM2UOYX6yraUke8b8GcaOglmD3NyyYiwIDAQABAoIBAQCVH7p7iA/jAvP4
+HQ09GMDyEZ6VsQkLZfRi/peCRzxPDfqQI7zjy/G9CQHuWhDrZF/vLJ3aOH7wq5e7
+si98SLC/rSsh5bC0ZC7RDShg4ZlrnUDv8DlD2cb+ep1y+zxvflcVFeCR6TMDPbkh
+sViMb4OeZ0Z/wfyjowpiYHD9xJqVk4LwH3n609TBh3ve0ldS6E6nLkOYzR1aLqBO
+RvwCmWG/lwbTuOctVrzZMmdq/+t7oOgLRhk0HoHHhFarZbKlXJVDcGaOoXRMJD+m
+rSGF+YTsMRQuzMGAO6XNP+fzIDa7VUylsTFGxGFziYLeVbSyJbNMmgKc2x5URN9L
+7hycaqehAoGBAOwQyMMywr4MtysUNF4VIspBjCHWiyByAcz+H9dGhjEMvu+qk/LO
+Zt5JV/QWcNFJ+ZdiZII6l04Atlz7+j7iDS6MNO17jA9Pr/InwFa7Z66NwRbUOjPa
+H/rvF/U49Ktqe0yLw3nbwC/oBHqicqXaCjon8pHnsm2S18aaEYpjEkC9AoGBAOLU
+lFm1nlK5SZEu7csr9lcZCTRM0uNMud3CBvL6RoSbwsKIEoNtnyDmXnBctla1hZuQ
+jHxzrA4cIz2Ml3SiibHzyT8qm1pISQ30hzOl4bYJTh9jjuMiZWSZQTiTkHkzcbMn
+EGbWfoO92aBqn1AlzhGwbDrnkOLcoYjCwFVBSsbnAoGBAN5suh1h2KglZvjKIsV6
++LrFo/nGInTBtvylfO7j3lCdB9LeUGR5IefUB3FPK6GnJ+sBpF4oQqQWe72FFjbl
+2zG+nagdvsw2czuhRNLz5S9NFWAjO2vb3EIdwd8meTKCNAbdsaNB8QWygXXjVk76
+8KP3O9FKFI61y2WviVNxIaOpAoGBAMuxYlb9BWP8B9hccCYXIGwui1lv86EycWZ2
+qo7fuRu0VD0kvJtRgailtwDoAMX01DpSoBXSOhuhoPPQoOGYZFZtObeDp2Z3q0Lg
+59i1ie9Sg9kkKlhFtw+ToEISIZb1X5El71CqJYpgnmGz3cS3bknsSATNlgpjXpvV
+Z6onq+LZAoGAPuK5y8vBIaRlf07UUW5NziM1vgbJFzbrkslSC4CAWn7Cz3150zNL
+syWn+r2kWDIfp4XMXa2SoMrjHGJVro6Iv/C2CJzpajBkDS8qtZPAtbBE7dF3ZwbP
+iIepRR0dQ6xKOo9wpg5UGh7Xckthet6Dnb8f1wRtjtuqt1fC4AdPYac=
+-----END RSA PRIVATE KEY-----
diff --git a/roles/easyredmine/tasks/nginx.yml b/roles/easyredmine/tasks/nginx.yml
index 9f4bdf2..9bbf33e 100644
--- a/roles/easyredmine/tasks/nginx.yml
+++ b/roles/easyredmine/tasks/nginx.yml
@@ -21,8 +21,8 @@
     - nginx
     - passenger
 
-- template: dest=/etc/nginx/conf.d/easyredmine.conf
-            src=easyredmine.conf.j2
+- template: dest='/etc/nginx/conf.d/{{ ansible_fqdn }}.conf'
+            src=nginx.conf.j2
   sudo: yes
   notify: restart nginx
 
@@ -31,6 +31,11 @@
   sudo: yes
   notify: restart nginx
 
+- copy: dest='/etc/pki/tls/certs/{{ ansible_fqdn }}.pem'
+        src='{{ nginx_pem }}'
+  sudo: yes
+  notify: restart nginx
+
 - service: name=nginx
            state=started
   sudo: yes
diff --git a/roles/easyredmine/templates/nginx.conf.j2 b/roles/easyredmine/templates/nginx.conf.j2
new file mode 100644
index 0000000..5ced327
--- /dev/null
+++ b/roles/easyredmine/templates/nginx.conf.j2
@@ -0,0 +1,15 @@
+server {
+  listen 80;
+  server_name {{ ansible_fqdn }};
+  return 301 https://$host$request_uri;
+}
+
+server {
+  listen 443;
+  server_name {{ ansible_fqdn }};
+  ssl    on;
+  ssl_certificate     /etc/pki/tls/certs/{{ ansible_fqdn }}.pem;
+  ssl_certificate_key /etc/pki/tls/certs/{{ ansible_fqdn }}.pem;
+  root {{ redmine_root_dir }}/public;
+  passenger_enabled on;
+}