diff --git a/nginx.tmpl b/nginx.tmpl
index cc450f0..08807b7 100644
--- a/nginx.tmpl
+++ b/nginx.tmpl
@@ -6,6 +6,23 @@ server {
 	return 503;
 }
 
+server {
+	listen 443 default_server;
+	server_name _; # This is just an invalid value which will never trigger on a real hostname.
+	error_log /proc/self/fd/2;
+	access_log /proc/self/fd/1;
+
+	ssl on;
+	ssl_certificate /etc/nginx/certificates/server.crt;
+	ssl_certificate_key /etc/nginx/certificates/server.key;
+	ssl_session_timeout 5m;
+	ssl_protocols SSLv3 TLSv1;
+	ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
+	ssl_prefer_server_ciphers on;
+
+	return 503;
+}
+
 {{ range $host, $containers := groupByMulti $ "Env.VIRTUAL_HOST" "," }}
 upstream {{ $host }} {