diff --git a/.gitignore b/.gitignore
index dd2e7de..c401c4c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -24,4 +24,10 @@ portfolio.session.sql
 psd
 thumb
 sketch
-.vscode
\ No newline at end of file
+.vscode
+portfolio/origin_ca.pem
+portfolio/origin_ca.key
+portfolio/nginx/certs/origin_ca.key
+portfolio/nginx/certs/origin_ca.pem
+portfolio/nginx/certs/default.cert
+portfolio/nginx/certs/default.key
diff --git a/portfolio/docker-compose.yml b/portfolio/docker-compose.yml
index e6b3d88..fd24252 100644
--- a/portfolio/docker-compose.yml
+++ b/portfolio/docker-compose.yml
@@ -40,6 +40,7 @@ services:
 - portfolio
 restart: unless-stopped
 server:
+ # restart: always
 env_file:
 - .env
 environment:
@@ -48,10 +49,10 @@ services:
 context: ./nginx
 dockerfile: Dockerfile
 ports:
- - ${NGINX_PORT}:${NGINX_PORT}
+ - ${NGINX_PORT_HTTP}:${NGINX_PORT_HTTP}
+ - ${NGINX_PORT_HTTPS}:${NGINX_PORT_HTTPS}
 volumes:
- - origin_ca.pem:/etc/ssl/origin_ca.pem:ro
- - origin_ca.key:/etc/ssl/origin_ca.key:ro
+ - ./nginx/certs:/etc/nginx/certs
 # - certbot-etc:/etc/letsencrypt
 # - certbot-var:/var/lib/letsencrypt
 depends_on:
diff --git a/portfolio/nginx/Dockerfile b/portfolio/nginx/Dockerfile
index 3ce7af5..d3586b7 100644
--- a/portfolio/nginx/Dockerfile
+++ b/portfolio/nginx/Dockerfile
@@ -2,6 +2,13 @@ FROM nginx:bookworm
 RUN rm /etc/nginx/conf.d/default.conf
+RUN mkdir /etc/nginx/ssl
+RUN chown -R root:root /etc/nginx/ssl
+RUN chmod -R 600 /etc/nginx/ssl
+
+# COPY ./certs/origin_ca.pem /etc/nginx/ssl/default.cert
+# COPY ./certs/origin_ca.key /etc/nginx/ssl/default.key
+
 COPY nginx.conf /etc/nginx/templates/default.conf.conf
 # CMD ["nginx", "-g", "daemon off;"]
\ No newline at end of file
diff --git a/portfolio/nginx/nginx.conf b/portfolio/nginx/nginx.conf
index 31a119c..72abb6b 100644
--- a/portfolio/nginx/nginx.conf
+++ b/portfolio/nginx/nginx.conf
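Review bot: The six added entries in the .gitignore hunk name each certificate and key file individually, so a key saved under any other name in `portfolio/nginx/certs/` would still be picked up by `git add`. Ignoring the directory itself, `portfolio/nginx/certs/`, together with a pattern such as `portfolio/**/*.key`, would cover future files as well. An ignore rule does not untrack a file that is already in the index; if any of these paths was committed earlier (not visible from this diff), it needs `git rm --cached`, and the key should be treated as exposed and reissued.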
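Review bot: The new bind mount `- ./nginx/certs:/etc/nginx/certs` in the second docker-compose.yml hunk drops the `:ro` flag that both removed mounts carried, so the directory holding the TLS private key becomes writable from inside the nginx container. The server only needs to read its key material, so I would write `- ./nginx/certs:/etc/nginx/certs:ro`. The mount also exposes everything in the host directory, including the `origin_ca.key` that .gitignore lists there, even though nginx.conf references only `default.cert` and `default.key`. The `server` service definition starts and ends outside the hunk.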
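Review bot: The three added `RUN` lines in the Dockerfile hunk harden `/etc/nginx/ssl`, but nothing visible in this commit reads from that path: the compose file mounts the certificates at `/etc/nginx/certs` and nginx.conf loads `/etc/nginx/certs/default.key`, so the permissions that protect the key are those of the host directory behind the bind mount. `chmod -R 600` on a directory also clears its search bit, which root bypasses but any non-root reader would not. If the directory is meant to be used, `RUN install -d -m 0700 -o root -g root /etc/nginx/ssl` creates it in one layer with a traversable mode; otherwise I would drop the three lines together with the commented-out `COPY` pair.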
@@ -1,10 +1,10 @@
 server {
- listen ${NGINX_PORT};
- listen [::]:${NGINX_PORT};
+ listen ${NGINX_PORT_HTTPS} ssl;
+ listen [::]:${NGINX_PORT_HTTPS};
- ssl on;
- ssl_certificate /etc/ssl/origin_ca.pem;
- ssl_certificate_key /etc/ssl/origin_ca.key;
+ # ssl on;
+ ssl_certificate /etc/nginx/certs/default.cert;
+ ssl_certificate_key /etc/nginx/certs/default.key;
 server_name ${SERVER_NAME};
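Review bot: The IPv6 listener `listen [::]:${NGINX_PORT_HTTPS};` is missing the `ssl` parameter that the IPv4 line received, and with `ssl on;` now commented out nothing enables TLS on that socket, so IPv6 clients would be served plaintext HTTP on the HTTPS port. It should read `listen [::]:${NGINX_PORT_HTTPS} ssl;`. The commented `# ssl on;` can simply be deleted, since the per-listener flag replaces it. The compose file now also publishes `${NGINX_PORT_HTTP}`, but no listener for it is visible here; the server block continues outside the hunk, so a redirect block may exist further down.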