I recently installed a Let's Encrypt certificate on this site. I was surprised by how easy it was. Besides a few changes to my nginx configuration, most of the process, including the certificate generation was scripted.

One thing remained once I had a certified HTTPS site. I had to redirect any old HTTP traffic to the encrypted version.

The most straightforward way to do this is to simply issue a 301 redirect after declaring your port and server name in the server definition.

return 301 https://$host$request_uri;

Once I added this line, all traffic on this site would now be HTTPS.