diff --git a/.gitignore b/.gitignore
index 6458b72..1db809d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,3 @@
 proxy.conf
+cert.key
+cert.crt
diff --git a/createNginx.sh b/createNginx.sh
index e7778df..79f5812 100755
--- a/createNginx.sh
+++ b/createNginx.sh
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/bash -x
 set -e
 GERRIT_NAME=${GERRIT_NAME:-gerrit}
 JENKINS_NAME=${JENKINS_NAME:-jenkins}
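Review bot: The shebang `#!/bin/bash -x` turns on xtrace for every run, so each expanded command, including any values taken from the environment or config, is written to stderr and ends up in whatever log captures this script; it looks like a debugging leftover. Options on the shebang are also dropped when the script is started as `bash createNginx.sh`. Keep `#!/bin/bash` and make tracing opt-in, for example `if [ -n "${DEBUG:-}" ]; then set -x; fi` after `set -e`. The rest of the script lies outside this hunk.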
@@ -9,40 +9,42 @@ NGINX_IMAGE_NAME=${NGINX_IMAGE_NAME:-nginx} NGINX_NAME=${NGINX_NAME:-proxy} NGINX_MAX_UPLOAD_SIZE=${NGINX_MAX_UPLOAD_SIZE:-200m} +NGINX_USE_HTTPS=${NGINX_USE_HTTPS:-1} + +if [ ${NGINX_USE_HTTPS} -eq 1 ]; then + if [ ! -e ~/nginx-docker/cert.key ]; then + openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout cert.key -out cert.crt + fi +fi + PROXY_CONF=proxy.conf # Setup proxy URI + +~/nginx-docker/proxyconf.sh > ~/nginx-docker/${PROXY_CONF} + +args=( run \ + --name ${NGINX_NAME} \ + --link ${GERRIT_NAME}:${GERRIT_NAME} \ + --link ${JENKINS_NAME}:${JENKINS_NAME} \ + --link ${REDMINE_NAME}:${REDMINE_NAME} ) + if [ ${#NEXUS_WEBURL} -eq 0 ]; then - sed "s/{{HOST_URL}}/${HOST_NAME}/g" ~/nginx-docker/${PROXY_CONF}.nexus.template > ~/nginx-docker/${PROXY_CONF} + args+=( --link ${NEXUS_NAME}:${NEXUS_NAME} \ + -v ~/nginx-docker/directory.nexus.html:/usr/share/nginx/html/directory.html:ro ) else - sed "s/{{HOST_URL}}/${HOST_NAME}/g" ~/nginx-docker/${PROXY_CONF}.template > ~/nginx-docker/${PROXY_CONF} + args+=( -v ~/nginx-docker/directory.html:/usr/share/nginx/html/directory.html:ro ) fi -sed -i "s/{GERRIT_URI}/${GERRIT_NAME}/g" ~/nginx-docker/${PROXY_CONF} -sed -i "s/{JENKINS_URI}/${JENKINS_NAME}/g" ~/nginx-docker/${PROXY_CONF} -sed -i "s/{REDMINE_URI}/${REDMINE_NAME}/g" ~/nginx-docker/${PROXY_CONF} -sed -i "s/{NEXUS_URI}/${NEXUS_NAME}/g" ~/nginx-docker/${PROXY_CONF} -sed -i "s/{{NGINX_MAX_UPLOAD_SIZE}}/${NGINX_MAX_UPLOAD_SIZE}/g" ~/nginx-docker/${PROXY_CONF} - -# Start proxy -if [ ${#NEXUS_WEBURL} -eq 0 ]; then #proxy nexus - docker run \ - --name ${NGINX_NAME} \ - --link ${GERRIT_NAME}:${GERRIT_NAME} \ - --link ${JENKINS_NAME}:${JENKINS_NAME} \ - --link ${REDMINE_NAME}:${REDMINE_NAME} \ - --link ${NEXUS_NAME}:${NEXUS_NAME} \ - -p 80:80 \ - -v ~/nginx-docker/${PROXY_CONF}:/etc/nginx/conf.d/default.conf:ro \ - -v ~/nginx-docker/directory.nexus.html:/usr/share/nginx/html/directory.html:ro \ - -d ${NGINX_IMAGE_NAME} -else #without nexus - docker run \ - 
--name ${NGINX_NAME} \ - --link ${GERRIT_NAME}:${GERRIT_NAME} \ - --link ${JENKINS_NAME}:${JENKINS_NAME} \ - --link ${REDMINE_NAME}:${REDMINE_NAME} \ - -p 80:80 \ - -v ~/nginx-docker/${PROXY_CONF}:/etc/nginx/conf.d/default.conf:ro \ - -v ~/nginx-docker/directory.html:/usr/share/nginx/html/directory.html:ro \ - -d ${NGINX_IMAGE_NAME} + +if [ ${NGINX_USE_HTTPS} -eq 1 ]; then + args+=( -v ~/nginx-docker/cert.crt:/etc/nginx/cert.crt:ro \ + -v ~/nginx-docker/cert.key:/etc/nginx/cert.key:ro \ + -p 443:443 ) fi + +args+=( -p 80:80 \ + -v ~/nginx-docker/${PROXY_CONF}:/etc/nginx/conf.d/default.conf:ro ) +args+=( -d ${NGINX_IMAGE_NAME} ) + +docker ${args[@]} + diff --git a/proxy.conf.nexus.template b/proxy.conf.nexus.template deleted file mode 100644 index 661e456..0000000 --- a/proxy.conf.nexus.template +++ /dev/null 
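Review bot: The certificate block tests `~/nginx-docker/cert.key`, but `openssl req` writes `cert.key` and `cert.crt` relative to the current directory, so when the script is not started from `~/nginx-docker` the later `-v ~/nginx-docker/cert.key:...` mounts point at files that were never created and a new key pair is generated on every run. Write to the path that is checked, `-keyout ~/nginx-docker/cert.key -out ~/nginx-docker/cert.crt`, and confirm the unencrypted (`-nodes`) key ends up readable by its owner only, e.g. `chmod 600 ~/nginx-docker/cert.key`. Without `-subj`, `openssl req` prompts for the subject fields, which will stall an unattended run. Separately, `docker ${args[@]}` should be `docker "${args[@]}"` so the array elements are not split again.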
@@ -1,54 +0,0 @@
-server {
- listen 80;
- server_name {{HOST_URL}};
- client_max_body_size {{NGINX_MAX_UPLOAD_SIZE}};
-
- location / {
- root /usr/share/nginx/html;
- index directory.html;
- }
-
- location /{GERRIT_URI}/ {
- proxy_pass http://{GERRIT_URI}:8080;
- proxy_set_header X-Forwarded-For $remote_addr;
- proxy_set_header Host $host;
- }
-
- location /{JENKINS_URI} {
- proxy_pass http://{JENKINS_URI}:8080;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header Host $host;
- }
-
- location /{REDMINE_URI} {
- proxy_pass http://{REDMINE_URI};
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header Host $host;
- }
-
- location /{NEXUS_URI} {
- proxy_pass http://{NEXUS_URI}:8081;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header Host $host;
- proxy_send_timeout 300;
- proxy_read_timeout 300;
- keepalive_timeout 300;
- send_timeout 300;
- }
-
- error_page 404 /directory.html;
- location = /directory.html {
- root /usr/share/nginx/html;
- }
-
- # redirect server error pages to the static page /50x.html
- #
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- root /usr/share/nginx/html;
- }
-}
-
diff --git a/proxy.conf.template b/proxy.conf.template
deleted file mode 100644
index 1d224f2..0000000
--- a/proxy.conf.template
+++ /dev/null
@@ -1,43 +0,0 @@
-server {
- listen 80;
- server_name {{HOST_URL}};
- client_max_body_size {{NGINX_MAX_UPLOAD_SIZE}};
-
- location / {
- root /usr/share/nginx/html;
- index directory.html;
- }
-
- location /{GERRIT_URI}/ {
- proxy_pass http://{GERRIT_URI}:8080;
- proxy_set_header X-Forwarded-For $remote_addr;
- proxy_set_header Host $host;
- }
-
- location /{JENKINS_URI} {
- proxy_pass http://{JENKINS_URI}:8080;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header Host $host;
- }
-
- location /{REDMINE_URI} {
- proxy_pass http://{REDMINE_URI};
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header Host $host;
- }
-
- error_page 404 /directory.html;
- location = /directory.html {
- root /usr/share/nginx/html;
- }
-
- # redirect server error pages to the static page /50x.html
- #
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- root /usr/share/nginx/html;
- }
-}
-
diff --git a/proxyconf.sh b/proxyconf.sh
new file mode 100755
index 0000000..ad4882f
--- /dev/null
+++ b/proxyconf.sh
@@ -0,0 +1,112 @@
+#! /bin/bash
+
+set -e
+
+source ~/ci/config
+source ~/ci/config.default
+
+set -u
+
+GERRIT_NAME=${GERRIT_NAME:-gerrit}
+JENKINS_NAME=${JENKINS_NAME:-jenkins}
+REDMINE_NAME=${REDMINE_NAME:-redmine}
+NEXUS_NAME=${NEXUS_NAME:-nexus}
+NEXUS_WEBURL=${NEXUS_WEBURL:-}
+
+NGINX_IMAGE_NAME=${NGINX_IMAGE_NAME:-nginx}
+NGINX_NAME=${NGINX_NAME:-proxy}
+NGINX_MAX_UPLOAD_SIZE=${NGINX_MAX_UPLOAD_SIZE:-200m}
+
+if [ -e ~/nginx-docker/cert.key ]; then
+
+ cat << EOF
+ server {
+ listen 80;
+ return 301 https://\$host\$request_uri;
+}
+
+server {
+
+ listen 443;
+ server_name ${HOST_NAME};
+
+ ssl_certificate /etc/nginx/cert.crt;
+ ssl_certificate_key /etc/nginx/cert.key;
+
+ ssl on;
+ ssl_session_cache builtin:1000 shared:SSL:10m;
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
+ ssl_prefer_server_ciphers on;
+EOF
+
+else
+
+ cat << EOF
+server {
+ listen 80;
+ server_name ${HOST_NAME};
+EOF
+
+fi
+
+cat << EOF
+ client_max_body_size ${NGINX_MAX_UPLOAD_SIZE};
+
+ location / {
+ root /usr/share/nginx/html;
+ index directory.html;
+ }
+
+ location /${GERRIT_NAME}/ {
+ proxy_pass http://${GERRIT_NAME}:8080;
+ proxy_set_header X-Forwarded-For \$remote_addr;
+ proxy_set_header Host \$host;
+ }
+
+ location /${JENKINS_NAME} {
+ proxy_pass http://${JENKINS_NAME}:8080;
+ proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+ proxy_set_header X-Real-IP \$remote_addr;
+ proxy_set_header Host \$host;
+ }
+
+ location /${REDMINE_NAME} {
+ proxy_pass http://${REDMINE_NAME};
+ proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+ proxy_set_header X-Real-IP \$remote_addr;
+ proxy_set_header Host \$host;
+ }
+EOF
+
+
+if [ ${#NEXUS_WEBURL} -eq 0 ]; then
+ cat << EOF
+ location /${NEXUS_NAME} {
+ proxy_pass http://${NEXUS_NAME}:8081;
+ proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
+ proxy_set_header X-Real-IP \$remote_addr;
+ proxy_set_header Host \$host;
+ proxy_send_timeout 300;
+ proxy_read_timeout 300;
+ keepalive_timeout 300;
+ send_timeout 300;
+ }
+EOF
+fi
+
+cat << EOF
+ error_page 404 /directory.html;
+ location = /directory.html {
+ root /usr/share/nginx/html;
+ }
+
+ # redirect server error pages to the static page /50x.html
+ #
+ error_page 500 502 503 504 /50x.html;
+ location = /50x.html {
+ root /usr/share/nginx/html;
+ }
+}
+EOF
+
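Review bot: The generated HTTPS server block enables `ssl_protocols TLSv1 TLSv1.1 TLSv1.2;`, which keeps the deprecated TLS 1.0 and 1.1 protocols available to clients; restrict it to `ssl_protocols TLSv1.2 TLSv1.3;` (drop `TLSv1.3` if the nginx build behind `NGINX_IMAGE_NAME` does not support it). `ssl on;` is a deprecated directive that recent nginx releases no longer accept; use `listen 443 ssl;` instead. The script also picks the HTTPS layout from the existence of `~/nginx-docker/cert.key` rather than from `NGINX_USE_HTTPS`, so with a leftover key and `NGINX_USE_HTTPS=0` port 80 redirects to a 443 listener that createNginx.sh never publishes. The proxied locations do not pass `X-Forwarded-Proto`, which the backends may need in order to build https links; that is worth confirming.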