diff --git a/states/roles/maintain/nginx-proxy/local.conf b/states/roles/maintain/nginx-proxy/local.conf
index 754729c..4aed126 100644
--- a/states/roles/maintain/nginx-proxy/local.conf
+++ b/states/roles/maintain/nginx-proxy/local.conf
@@ -19,13 +19,12 @@
     {%- set prot = "https" -%}
   {%- endif -%}
 server {
-  listen 443;
+  listen 443 ssl;
   server_name {{server}}.actcur.com {{wildcard}};
 
 #  resolver {{ resolver }};
   set $backend "{{prot}}://127.0.0.1{%- if port is defined -%}:{{port}}{%- endif -%}";
 
-  ssl on;
   ssl_certificate /etc/nginx/certs/{{server}}.actcur.com/fullchain.pem;
   ssl_certificate_key /etc/nginx/certs/{{server}}.actcur.com/privkey.pem;
   ssl_session_cache shared:SSL:10m;
diff --git a/states/roles/maintain/nginx-proxy/portal.conf b/states/roles/maintain/nginx-proxy/portal.conf
index ca6fb54..f16e087 100644
--- a/states/roles/maintain/nginx-proxy/portal.conf
+++ b/states/roles/maintain/nginx-proxy/portal.conf
@@ -1,12 +1,11 @@
 server {
 
-  listen 443 default_server;
+  listen 443 ssl default_server;
   server_name portal.actcur.com;
 
   resolver {{resolver}};
   set $certbot "https://salt.actcur.com";
 
-  ssl on;
   ssl_certificate /etc/nginx/certs/portal.actcur.com/fullchain.pem;
   ssl_certificate_key /etc/nginx/certs/portal.actcur.com/privkey.pem;
   ssl_session_cache shared:SSL:10m;
diff --git a/states/roles/maintain/nginx-proxy/remote.conf b/states/roles/maintain/nginx-proxy/remote.conf
index 9bccdd8..0613928 100644
--- a/states/roles/maintain/nginx-proxy/remote.conf
+++ b/states/roles/maintain/nginx-proxy/remote.conf
@@ -12,14 +12,13 @@
 {%- endif -%}
 
 server {
-  listen 443;
+  listen 443 ssl;
   server_name {{server}}.actcur.com {{wildcard}};
 
   resolver {{resolver}};
   set $backend "https://{{server}}.actcur.com";
   set $certbot "https://salt.actcur.com";
 
-  ssl on;
   ssl_certificate /etc/nginx/certs/{{server}}.actcur.com/fullchain.pem;
   ssl_certificate_key /etc/nginx/certs/{{server}}.actcur.com/privkey.pem;
   ssl_session_cache shared:SSL:10m;