diff --git a/nginx/nginx/nginx.conf b/nginx/nginx/nginx.conf
index 843c1e8..bd833df 100644
--- a/nginx/nginx/nginx.conf
+++ b/nginx/nginx/nginx.conf
@@ -7,18 +7,33 @@
 # https://www.ssllabs.com/
-#DH-Param maken:
+## DH-Param maken:
 #sudo openssl dhparam -out /docker/nginx/nginx/conf_split/dhparam-2048.pem 2048
 #sudo openssl dhparam -out /docker/nginx/nginx/conf_split/dhparam-4096.pem 4096
-# controleren of dit bestand goed is:
+## controleren of dit bestand goed is:
 # docker exec nginx sh -c "nginx -t -c /config/nginx/nginx.conf"
-#zonder downtime nginx reloaden:
+## zonder downtime nginx reloaden:
 # docker exec -it nginx s6-svc -h /var/run/s6/services/nginx
-#Cert vernieuwen:
+## Cert aanmaken
+#sudo docker run -it --rm \
+#-v /docker/nginx/letsencrypt:/etc/letsencrypt \
+#-v /docker/nginx/letsencrypt_var:/var/lib/letsencrypt \
+#-v /docker/nginx/letsencrypt/letsencrypt-site:/data/letsencrypt \
+#-v "/docker/nginx/letsencrypt/log:/var/log/letsencrypt" \
+#certbot/certbot \
+#certonly --webroot \
+#--email "example@example.nl" \
+#--agree-tos \
+#--rsa-key-size "4096" \
+#--cert-name "example.example.com" \
+#--webroot-path=/data/letsencrypt \
+#-d example.example.com
+
+## Cert vernieuwen:
 # docker run --rm -it --name certbot \
 # -v "/docker/nginx/letsencrypt:/etc/letsencrypt" \
 # -v "/docker/nginx/letsencrypt_var:/var/lib/letsencrypt" \
@@ -143,10 +158,10 @@ server {
 server {
 include "/config/nginx/conf_split/listen443.conf";
- server_name lermer.nl www.lermer.nl;
- ssl_certificate /config/letsencrypt/live/lermer.nl/fullchain.pem;
- ssl_certificate_key /config/letsencrypt/live/lermer.nl/privkey.pem;
- ssl_trusted_certificate /config/letsencrypt/live/lermer.nl/chain.pem;
+ server_name example.com www.example.com;
+ ssl_certificate /config/letsencrypt/live/example.com/fullchain.pem;
+ ssl_certificate_key /config/letsencrypt/live/example.com/privkey.pem;
+ ssl_trusted_certificate /config/letsencrypt/live/example.com/chain.pem;
 #include "/config/nginx/conf_split/ssl_dhparam_2048.conf";
 include "/config/nginx/conf_split/ssl_dhparam_4096.conf";
 include "/config/nginx/conf_split/ssl_protocol.conf";
@@ -175,14 +190,14 @@ server {
 server {
 include "/config/nginx/conf_split/listen443.conf";
- server_name test.lermer.nl;
- ssl_certificate /config/letsencrypt/live/test.lermer.nl/fullchain.pem;
- ssl_certificate_key /config/letsencrypt/live/test.lermer.nl/privkey.pem;
- ssl_trusted_certificate /config/letsencrypt/live/test.lermer.nl/chain.pem;
+ server_name test.example.com;
+ ssl_certificate /config/letsencrypt/live/test.example.com/fullchain.pem;
+ ssl_certificate_key /config/letsencrypt/live/test.example.com/privkey.pem;
+ ssl_trusted_certificate /config/letsencrypt/live/test.example.com/chain.pem;
 #include "/config/nginx/conf_split/ssl_dhparam_2048.conf";
 include "/config/nginx/conf_split/ssl_dhparam_4096.conf";
- include "/config/nginx/conf_split/ssl_protocol.conf";
+ include "/config/nginx/conf_split/ssl_protocol_strong.conf";
 include "/config/nginx/conf_split/headers.conf";
 add_header Content-Security-Policy "default-src 'self'; connect-src *; font-src *; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';";
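Review bot: The production vhost for example.com still ends on `include "/config/nginx/conf_split/ssl_protocol.conf";` while the test.example.com vhost in the next hunk is moved to `ssl_protocol_strong.conf`, so the two server blocks now negotiate TLS with different profiles and nothing records whether that split is intentional or a staged rollout. A comment on the production include line would keep the stronger profile from being forgotten, e.g. `# TODO: switch to ssl_protocol_strong.conf once it is verified on test.example.com`. The renamed `ssl_trusted_certificate` line only matters if OCSP stapling (`ssl_stapling on; ssl_stapling_verify on;`) is enabled in one of the included conf_split files, which this hunk does not show; worth confirming, otherwise the chain.pem reference is dead configuration. Both server blocks continue outside their hunks.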