wordpress-nginx-main/sites-available/admin-over-ssl.conf

### No need to enable the following in wp-config.php
# define('FORCE_SSL_ADMIN', true);
# define('FORCE_SSL_LOGIN', true);

### Process non-SSL requests
server {
    listen 80;
    server_name example.com;
    index index.php;

    # Replace the path with the actual path to WordPress core files
    root /home/username/sites/example.com/public;

    # Process PHP requests
    location ~ \.php$ {
        # Request to wp-login to go through HTTPS protocol
        location ~ /wp-(admin|login) {
            return 301 https://$host$request_uri;
        }

        # Process non-admin requests
        try_files                $uri =404;
        include "fastcgi.conf";
        fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
        fastcgi_index            index.php;
        fastcgi_pass             fpm;
    }

    # Nginx way of mod_write
    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }

}
server {
    listen 443 ssl;
    server_name example.com;
    index index.php;

    # Replace the path with the actual path to WordPress core files
    root /home/username/sites/example.com/public;

    # Generate Certificates
    # http://wiki.nginx.org/HttpSslModule#Generate_Certificates
    ssl_certificate /path/to/combined.crt;
    ssl_certificate_key /path/to/server.key;

    # Logs
    access_log /var/log/nginx/example.com-access.log combined buffer=64k flush=5m if=$loggable;
    error_log /var/log/nginx/example.com-error.log;

    # Process requests to wp-admin/* and wp-login.php
    location ~ /wp-(admin|login) {
        location ~ \.php$ {
            try_files                $uri =404;
            fastcgi_split_path_info  ^(.+\.php)(/.+)$;

            fastcgi_index            index.php;
            fastcgi_intercept_errors on;
            fastcgi_pass             fpm;
            include "fastcgi.conf";
            fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
        }
    }

    # Process non-admin requests
    include globals/assets.conf;

    # To avoid displaying posts and post previews in HTTPS
    location / {
        return 301 http://example.com$request_uri;
    }

}