diff --git a/services/proxy/000-default.conf b/services/proxy/000-default.conf
index 2d703eb9b7325e6567e50bf2e386c398ed08f12a..2d43f2b62b835dbaa3e16107276a3d2b2781d563 100644
--- a/services/proxy/000-default.conf
+++ b/services/proxy/000-default.conf
@@ -36,10 +36,10 @@
     #  1) dev env is different than staging/production, and
     #  2) other roules in 001-proxy.conf are never reached
 
-    #RewriteEngine On
-    #RewriteCond %{HTTPS} off
-    #RewriteCond %{HTTP_HOST} !=localhost
-    #RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
+    RewriteEngine On
+    RewriteCond %{HTTPS} off
+    RewriteCond %{HTTP_HOST} !=localhost
+    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
     
     ProxyPass / http://webapp:8080/
     ProxyPassReverse / http://webapp:8080/ 
diff --git a/services/proxy/001-proxy.conf b/services/proxy/001-proxy.conf
index 052a1a6d6465dd65dad41c2b51348c467241ce75..6f02cde7f5f9d65e93a05e0cd3fa3ee97156095b 100644
--- a/services/proxy/001-proxy.conf
+++ b/services/proxy/001-proxy.conf
@@ -3,26 +3,28 @@
 #  Rosetta platform 
 #---------------------------
 
+# WARNING: not relevant anymore, see 000-default.conf
+
 # Non-SSL
-<VirtualHost *:80>
-    ServerName rosetta.platform
-    Redirect 301 / https://rosetta.platform/
-</VirtualHost>
+#<VirtualHost *:80>
+#    ServerName rosetta.platform
+#    Redirect 301 / https://rosetta.platform/
+#</VirtualHost>
 
 # SSL
-<VirtualHost *:443>
-    
-    ServerName rosetta.platform
-
-    SSLEngine on
-    SSLCertificateFile /root/certificates/rosetta_platform/rosetta_platform.crt
-    SSLCertificateKeyFile /root/certificates/rosetta_platform/rosetta_platform.key
-    SSLCACertificateFile /root/certificates/rosetta_platform/rosetta_platform.ca-bundle
-
-    ProxyPass / http://webapp:8080/
-    ProxyPassReverse / http://webapp:8080/
+#<VirtualHost *:443>
+#    
+#    ServerName rosetta.platform
+#
+#    SSLEngine on
+#    SSLCertificateFile /root/certificates/rosetta_platform/rosetta_platform.crt
+#    SSLCertificateKeyFile /root/certificates/rosetta_platform/rosetta_platform.key
+#    SSLCACertificateFile /root/certificates/rosetta_platform/rosetta_platform.ca-bundle
+#
+#    ProxyPass / http://webapp:8080/
+#    ProxyPassReverse / http://webapp:8080/
     
-</VirtualHost>
+#</VirtualHost>
 
 # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
 
diff --git a/services/proxy/default-ssl.conf b/services/proxy/default-ssl.conf
index 6a67b5b84c6f3a15426c8aeb08cd41e5d03b4c8c..a52f5b0133de50e5fb87f945afb0b6acf2d33b3a 100644
--- a/services/proxy/default-ssl.conf
+++ b/services/proxy/default-ssl.conf
@@ -30,8 +30,11 @@
         #   /usr/share/doc/apache2/README.Debian.gz for more info.
         #   If both key and certificate are stored in the same file, only the
         #   SSLCertificateFile directive is needed.
-        SSLCertificateFile  /etc/ssl/certs/ssl-cert-snakeoil.pem
-        SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
+        #SSLCertificateFile  /etc/ssl/certs/ssl-cert-snakeoil.pem
+        #SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
+        SSLCertificateFile /root/certificates/rosetta_platform/rosetta_platform.crt
+        SSLCertificateKeyFile /root/certificates/rosetta_platform/rosetta_platform.key
+        SSLCACertificateFile /root/certificates/rosetta_platform/rosetta_platform.ca-bundle
 
         #   Server Certificate Chain:
         #   Point SSLCertificateChainFile at a file containing the