server {
        listen 443;

        ssl on;
        ssl_certificate /etc/ssl/private/serv1.acme.fr.crt;
        ssl_certificate_key /etc/ssl/private/serv1.acme.fr.key;
        ssl_session_timeout 5m;
        ssl_prefer_server_ciphers on;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers ALL:!aNULL:!eNULL:!LOW:!EXP:!RC4:!3DES:+HIGH:+MEDIUM;
        ssl_dhparam /etc/ssl/private/dh2048.pem;
        add_header Strict-Transport-Security max-age=2678400;

        root /var/www/roundcubemail;
        index index.html index.htm index.php;

        client_max_body_size 20M;
        server_name webmail.serv1.acme.fr;
        access_log  /var/log/nginx/webmail/access.log;
        error_log   /var/log/nginx/webmail/error.log;
        autoindex off;

        location / {
                try_files $uri $uri/ =404;
        }

        location ~ \.php$ {
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini

                # With php5-cgi alone:
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                include fastcgi_params;
        }

}