diff --git a/.env.staging b/.env.staging
index d9517f7..60fd68d 100644
--- a/.env.staging
+++ b/.env.staging
@@ -13,4 +13,4 @@ STAGING_DOMAIN=www.ensl.org
 STAGING_PORT=5001
 STAGING_PORT_SSL=5000
 
-MYSQL_DATABASE=ensl_staging
\ No newline at end of file
+MYSQL_DATABASE=ensl_staging
diff --git a/docker-compose.yml b/docker-compose.yml
index 2f31766..7fb15e2 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -155,8 +155,7 @@ services:
     stdin_open: true
     command: /bin/bash -c "envsubst '$$PUMA_PORT $$APP_PATH $$APP_PATH_PUBLIC $$STAGING_ROOT_DOMAIN $$STAGING_DOMAIN $$STAGING_PORT $$STAGING_PORT_SSL' < /etc/nginx/conf.d/*.conf.template > /etc/nginx/conf.d/default.conf && cat /etc/nginx/conf.d/*.conf && nginx -g 'daemon off;'"
     volumes:
-      - ./ext/ssl/fullchain.pem:/etc/ssl/certs/ensl_fullchain.pem
-      - ./ext/ssl/privkey.pem:/etc/ssl/private/ensl_privkey.pem
+      - ./ext/ssl:/etc/ssl/ensl
       - ./ext/nginx.conf.d/:/etc/nginx/conf.d/
       - ./public:/var/www/public
     ports:
@@ -185,4 +184,4 @@ services:
 # and the container. It's not necessary to be able to run spring
 # commands, but it is necessary for "spring status" and "spring stop"
 # to work properly.
-# pid: host
\ No newline at end of file
+# pid: host
diff --git a/ext/nginx.conf.d/staging.conf.template b/ext/nginx.conf.d/staging.conf.template
index 946196c..7de6a09 100644
--- a/ext/nginx.conf.d/staging.conf.template
+++ b/ext/nginx.conf.d/staging.conf.template
@@ -23,16 +23,15 @@ upstream puma {
 #}
 
 # HTTP -> HTTPS redirect
-#server {
-#  listen *:STAGING_PORT;
-#  server_name $STAGING_DOMAIN;
-#  return 301 https://$STAGING_DOMAIN$request_uri;
-#}
+server {
+  listen *:$STAGING_PORT;
+  # server_name $STAGING_DOMAIN;
+  return 301 https://$STAGING_DOMAIN$request_uri;
+}
 
 server {
-  listen *:$STAGING_PORT default_server;
-  ## SSL disabled for now
-  # listen *:STAGING_PORT_SSL ssl default_server;
+  #listen *:$STAGING_PORT default_server;
+  listen *:$STAGING_PORT_SSL ssl default_server;
 
   ## domain_agnostic staging
   # server_name $STAGING_DOMAIN;
@@ -44,8 +43,8 @@ server {
   # auth_basic           "Staging Area";
   # auth_basic_user_file "/etc/nginx/conf.d/.htpasswd_staging";
 
-  # ssl_certificate /etc/ssl/certs/ensl_fullchain.pem;
-  # ssl_certificate_key /etc/ssl/private/ensl_privkey.pem;
+  ssl_certificate /etc/ssl/ensl/fullchain.pem;
+  ssl_certificate_key /etc/ssl/ensl/privkey.pem;
 
   # ssl-cert /etc/ssl/certs/ssl-cert-snakeoil.pem
   # ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key
@@ -90,4 +89,4 @@ server {
   }
 
   try_files $uri/index.html $uri @puma;
-}
\ No newline at end of file
+}