note: this post assumes nginx is running as www-data If you want to enable HTTPS on your site, you must have a certificate and its key. Therefore, in order to allow nginx to read the SSL key file, you have to allow www-data to read it, right? Well, no. It makes sense for some people to do that, but in reality you don't have to sacrifice security in order to enable HTTPS on your site. So, how do we