Google has announced the move for several of their APIs to require SSL when making requests. This is a good thing.
If you aren’t planning on it already, now is a good time to expect new APIs to require SSL from the start. This is likely going to make TLS Server Name Indication an even bigger deal, as demand for SSL services increases and IP addresses become more expensive.
Since I managed to do this incorrectly a couple of times I figured it was worth noting here.
You already have a working site setup in Nginx that uses SSL. Now you want to make sure that any non-SSL requests to the site get redirected. Turns out to be very simple:
rewrite ^(.*) https://$server_name$1 permanent;
This sends back an
HTTP/1.1 301 Moved Permanently response for non-SSL requests for example.com.
Three short and easy to read lines, I like it.