diff --git a/config/nginx/rstat.net-SSL.conf b/config/nginx/rstat.net-SSL.conf
index 420c772..275e518 100644
--- a/config/nginx/rstat.net-SSL.conf
+++ b/config/nginx/rstat.net-SSL.conf
@@ -2,13 +2,13 @@ server {
   listen 443 ssl;
   listen [::]:443 ssl;
 
-  server_name rstat.net www.rstat.net;
+  server_name www.rstat.net rstat.net;
   server_tokens off;
 
   http2 on;
 
-  ssl_certificate /etc/nginx/ssl/live/rstat.net/fullchain.pem;
-  ssl_certificate_key /etc/nginx/ssl/live/rstat.net/privkey.pem;
+  ssl_certificate /etc/nginx/ssl/live/www.rstat.net/fullchain.pem;
+  ssl_certificate_key /etc/nginx/ssl/live/www.rstat.net/privkey.pem;
 
   # HSTS (ngx_http_headers_module is required) (63072000 seconds)
   add_header Strict-Transport-Security "max-age=63072000" always;
@@ -42,7 +42,7 @@ ssl_stapling on;
 ssl_stapling_verify on;
 
 # verify chain of trust of OCSP response using Root CA and Intermediate certs
-ssl_trusted_certificate /etc/nginx/ssl/live/rstat.net/chain.pem;
+ssl_trusted_certificate /etc/nginx/ssl/live/www.rstat.net/chain.pem;
 
 # replace with the IP address of your resolver;
 # async 'resolver' is important for proper operation of OCSP stapling