diff --git a/Section_07/000-default-ssl.conf b/Section_07/000-default-ssl.conf
new file mode 100644
index 0000000..2eb317b
--- /dev/null
+++ b/Section_07/000-default-ssl.conf
@@ -0,0 +1,19 @@
+<VirtualHost *:80>
+      ServerName demo-devops.konnect.dev
+      
+      ServerAdmin webmaster@localhost
+
+      ErrorLog ${APACHE_LOG_DIR}/error.log
+      CustomLog ${APACHE_LOG_DIR}/access.log combined
+      Redirect permanent / https://​api-abana.esk.sh
+</VirtualHost>
+
+<VirtualHost *:443>
+      ServerName demo-devops.konnect.dev
+      
+      ServerAdmin webmaster@localhost
+      DocumentRoot /var/www/html
+
+      ErrorLog ${APACHE_LOG_DIR}/error.log
+      CustomLog ${APACHE_LOG_DIR}/access.log combined
+</VirtualHost>
diff --git a/Section_07/main.sh b/Section_07/main.sh
index 6415e4f..ce9d899 100644
--- a/Section_07/main.sh
+++ b/Section_07/main.sh
@@ -20,6 +20,8 @@ sudo rm ../sites-enabled/*
 sudo ln default ../sites-enabled/
 sudo ln reverse_proxy ../sites-enabled/
 sudo systemctl reload nginx
+# sudo systemctl stop nginx
+# sudo systemctl disable nginx
 
 curl http://demo-devops.konnect.dev/
 curl http://demo-devops-api.konnect.dev/
diff --git a/Section_07/ssl.sh b/Section_07/ssl.sh
new file mode 100644
index 0000000..cac7346
--- /dev/null
+++ b/Section_07/ssl.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+
+# Certbot
+sudo apt install certbot python3-certbot-apache python3-certbot-nginx
+
+# Apache2
+sudo certbot certonly -d demo-devops.konnect.dev --apache2
+sudo certbot certonly -d demo-devops-api.konnect.dev --apache2
+sudo systemctl enable apache2 --now
+cd /etc/apache2/sites-available/
+sudo nano 000-default-ssl.conf
+sudo nano reverse_proxy_ssl.conf
+sudo a2dissite 000-default
+sudo a2dissite reverse_proxy
+sudo a2ensite 000-default-ssl
+sudo a2ensite reverse_proxy_ssl
+sudo systemctl reload apache2
+# sudo systemctl stop apache2
+# sudo systemctl disable apache2
+
+# Nginx
+sudo certbot certonly -d demo-devops.konnect.dev --nginx
+sudo certbot certonly -d demo-devops-api.konnect.dev --nginx
+sudo systemctl enable nginx --now
+cd /etc/nginx/sites-available/
+sudo nano default_ssl
+sudo nano reverse_proxy_ssl
+sudo rm ../sites-enabled/*
+sudo ln default_ssl ../sites-enabled/
+sudo ln reverse_proxy_ssl ../sites-enabled/
+sudo systemctl reload nginx
+# sudo systemctl stop nginx
+# sudo systemctl disable nginx
+
+curl https://demo-devops.konnect.dev/
+curl https://demo-devops-api.konnect.dev/
+
+/etc/letsencrypt/live/demo-devops.konnect.dev/fullchain.pem
+/etc/letsencrypt/live/demo-devops.konnect.dev/privkey.pem