diff --git a/docker-compose.yml b/docker-compose.yml
index 620afd18..c4f9f03d 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -25,8 +25,10 @@ services:
 dockerfile: ./nginx/Dockerfile
 ports:
 - "80:80"
+ - "443:443"
 volumes:
 - ./client/dist:/usr/share/nginx/html
+ - /etc/letsencrypt:/etc/letsencrypt:ro
 depends_on:
 - frontend
 - backend
diff --git a/nginx/Dockerfile b/nginx/Dockerfile
index eddbc882..d47a76f8 100644
--- a/nginx/Dockerfile
+++ b/nginx/Dockerfile
@@ -5,4 +5,5 @@ WORKDIR /usr/share/nginx/html
 COPY ./nginx/default.conf /etc/nginx/conf.d/default.conf
 EXPOSE 80
+EXPOSE 443
 CMD ["nginx", "-g", "daemon off;"]
\ No newline at end of file
diff --git a/nginx/default.conf b/nginx/default.conf
index 268c9e3c..769620a8 100644
--- a/nginx/default.conf
+++ b/nginx/default.conf
@@ -3,8 +3,38 @@ upstream backend {
 server backend:3000; # 백엔드 서버 (NestJS)
 }
+# HTTP 서버 블록
 server {
 listen 80;
+ server_name nocta.site www.nocta.site;
+
+ # Let's Encrypt 인증을 위한 설정
+ location /.well-known/acme-challenge/ {
+ root /var/www/certbot;
+ }
+
+ # HTTPS로 리다이렉트
+ location / {
+ return 301 https://$host$request_uri;
+ }
+}
+
+# HTTPS 서버 블록
+server {
+ listen 443 ssl;
+ server_name nocta.site www.nocta.site;
+
+ # SSL 인증서와 키 파일 경로
+ ssl_certificate /etc/letsencrypt/live/nocta.site/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/nocta.site/privkey.pem;
+
+ # SSL 설정
+ ssl_protocols TLSv1.2 TLSv1.3;
+ ssl_prefer_server_ciphers on;
+ ssl_ciphers HIGH:!aNULL:!MD5;
+
+ # HSTS 설정 (HTTPS 강제)
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
 # /api 경로로 들어오는 요청은 백엔드로 전달
 location /api {
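Review bot: No volume is mounted for the ACME webroot next to the new `/etc/letsencrypt:/etc/letsencrypt:ro` line, yet the nginx/default.conf hunk in this same commit serves `/.well-known/acme-challenge/` from `/var/www/certbot`, and the nginx/Dockerfile hunk never creates that directory, so HTTP-01 challenges answered through this container will 404 unless certbot happens to write inside the container's own filesystem. Add a second mount under `volumes:`, e.g. `- /var/www/certbot:/var/www/certbot:ro`, pointing at the webroot the certbot run on the host (or a sidecar) uses. Keep the whole /etc/letsencrypt tree mounted rather than narrowing it to live/, since live/ holds symlinks into archive/ that the :ro mount must also cover. As the config references fullchain.pem and privkey.pem unconditionally, the container presumably cannot start before the first certificate exists; a comment on the volumes stanza saying the initial issuance must run before the stack is up (or with the 443 server block absent) would save the next deployer a failed start.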