diff --git a/deployment/bare_metal/install.sh b/deployment/bare_metal/install.sh
index e11206912..27ddf844f 100755
--- a/deployment/bare_metal/install.sh
+++ b/deployment/bare_metal/install.sh
@@ -71,6 +71,7 @@ sudo apt-get install -y nginx
 sudo rm /etc/nginx/sites-enabled/default
 sudo ln -s /home/gradido/gradido/deployment/bare_metal/nginx/sites-available/gradido.conf /etc/nginx/sites-available
 sudo ln -s /etc/nginx/sites-available/gradido.conf /etc/nginx/sites-enabled
+sudo ln -s /home/gradido/gradido/deployment/bare_metal/nginx/sites-available/update-page.conf /etc/nginx/sites-available
 cd /etc/nginx
 sudo ln -s /home/gradido/gradido/deployment/bare_metal/nginx/common common
 
@@ -108,4 +109,8 @@ esac
 envsubst "$(env | sed -e 's/=.*//' -e 's/^/\$/g')" < $TEMPLATE_FILE > gradido.conf
 
 # Generate update-page.conf from template
-envsubst "$(env | sed -e 's/=.*//' -e 's/^/\$/g')" < update-page.conf.template > update-page.conf
\ No newline at end of file
+case "$NGINX_SSL" in
+ true) TEMPLATE_FILE="update-page.conf.ssl.template" ;;
+    *) TEMPLATE_FILE="update-page.conf.template" ;;
+esac
+envsubst "$(env | sed -e 's/=.*//' -e 's/^/\$/g')" < $TEMPLATE_FILE > update-page.conf
\ No newline at end of file
diff --git a/deployment/bare_metal/nginx/sites-available/update-page.conf.template b/deployment/bare_metal/nginx/sites-available/update-page.conf.template
index 902908ab0..9e7a96328 100644
--- a/deployment/bare_metal/nginx/sites-available/update-page.conf.template
+++ b/deployment/bare_metal/nginx/sites-available/update-page.conf.template
@@ -1,21 +1,16 @@
 
 server {
-        server_name _;
-        listen 80;
-        listen [::]:80;
+      server_name _;
+      listen 80;
+      listen [::]:80;
 
-        include /etc/nginx/common/protect.conf;
-        include /etc/nginx/common/protect_add_header.conf;
+      include /etc/nginx/common/protect.conf;
+      include /etc/nginx/common/protect_add_header.conf;
 
-        root $NGINX_UPDATE_PAGE_ROOT;
-        index updating.html;
+      root $NGINX_UPDATE_PAGE_ROOT;
+      index updating.html;
 
-        #location / {
-        #   alias $NGINX_UPDATE_PAGE_ROOT;
-        #   index updating.html; 
-        #}
-
-        #access_log /var/log/nginx/access.log main;
+      #access_log /var/log/nginx/access.log main;
 
 }
 
diff --git a/deployment/bare_metal/nginx/sites-available/update-page.ssl.conf.template b/deployment/bare_metal/nginx/sites-available/update-page.ssl.conf.template
new file mode 100644
index 000000000..4dd44c4c6
--- /dev/null
+++ b/deployment/bare_metal/nginx/sites-available/update-page.ssl.conf.template
@@ -0,0 +1,31 @@
+
+server {
+    if ($host = $NGINX_SERVER_NAME) {
+        return 301 https://$host$request_uri;
+    }
+
+    server_name $NGINX_SERVER_NAME;
+    listen 80;
+    listen [::]:80;
+    return 404;
+}
+server {
+    server_name $NGINX_SERVER_NAME;
+
+    listen [::]:443 ssl ipv6only=on;
+    listen 443 ssl;
+    ssl_certificate $NGINX_SSL_CERTIFICATE;
+    ssl_certificate_key $NGINX_SSL_CERTIFICATE_KEY;
+    include $NGINX_SSL_INCLUDE;
+    ssl_dhparam $NGINX_SSL_DHPARAM;
+
+    include /etc/nginx/common/protect.conf;
+    include /etc/nginx/common/protect_add_header.conf;
+
+    root $NGINX_UPDATE_PAGE_ROOT;
+    index updating.html;
+
+    #access_log /var/log/nginx/access.log main;
+
+}
+