diff --git a/rootfs/etc/confd/templates/nginx.conf.tmpl b/rootfs/etc/confd/templates/nginx.conf.tmpl
index 22003c5..038cc05 100644
--- a/rootfs/etc/confd/templates/nginx.conf.tmpl
+++ b/rootfs/etc/confd/templates/nginx.conf.tmpl
@@ -23,6 +23,11 @@ http {
         # List port
         listen {{"{{"}}GIN_PORT{{"}}"}};
 
+        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+        ssl_certificate /etc/ssl/nginx/fullchain.pem;
+        ssl_certificate_key /etc/ssl/nginx/privkey.key;
+        ssl_ciphers HIGH:!aNULL:!MD5;
+
         keepalive_timeout 70;
 
         # Access log with buffer, or disable it completetely if unneeded