If you are configuring an nginx website to use SSL and - by any chance - you need to setup more than one “server” entry (for instance to make www redirect to the plain URL), keep in mind that you need to declare the ssl certificate mumbo-jumbo in both entries, otherwise browsers will enter a redirect loop.

Something like the following will do:

server {
        listen 443 ssl;
        server_name www.zenblast.com;

        include zenblast-ssl.conf;

        return 301 $scheme://zenblast.com$request_uri;
}

server {
        server_name zenblast.com;
        listen              443 ssl;

        include zenblast-ssl.conf;

        ...
}

zenblast-ssl.conf is where we define stuff like ssl_certificate, ssl_certificate_key, ssl on, ssl_ciphers, ssl_prefer_server_ciphers on, and ssl_protocols. Notice that the file is included in both entries.

Hope this helps save someone 30 minutes of Googling :)