diff --git a/conf.d/vcenter.itguys.com.br.conf b/conf.d/vcenter.itguys.com.br.conf
index ce24ffd..fb7e382 100644
--- a/conf.d/vcenter.itguys.com.br.conf
+++ b/conf.d/vcenter.itguys.com.br.conf
@@ -34,8 +34,9 @@ server {
 # Servidor principal que lida com o tráfego HTTPS (Porta 443)
 server {
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
+ listen 443 ssl;
+ http2 on;
+ listen [::]:443 ssl;
 server_name vcenter.itguys.com.br;
 # --- Logs ---
@@ -46,7 +47,16 @@ server {
 # O Certbot irá criar e preencher estes caminhos automaticamente.
 #ssl_certificate /etc/letsencrypt/live/vcenter.itguys.com.br/fullchain.pem;
 #ssl_certificate_key /etc/letsencrypt/live/vcenter.itguys.com.br/privkey.pem;
- include /etc/letsencrypt/options-ssl-nginx.conf;
+
+ # Substituindo include por config explícita para evitar erro de arquivo inexistente
+ # include /etc/letsencrypt/options-ssl-nginx.conf;
+ ssl_protocols TLSv1.3 TLSv1.2;
+ ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305';
+ ssl_prefer_server_ciphers on;
+ ssl_session_timeout 1d;
+ ssl_session_tickets off;
+
+ #ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
 ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
 # --- Cabeçalhos de Segurança ---
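Review bot: In the second hunk the active `ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;` line survives as context directly below the added commented-out copy, so the missing-file failure this change works around for options-ssl-nginx.conf can still hit the dhparam file. Certbot normally installs both files together, and nginx will not load the configuration if the dhparam file is absent (whether it exists on this host is not visible here). None of the suites in the new `ssl_ciphers` list is DHE, so the directive has no effect with this configuration and the active line can be deleted instead of being duplicated as a comment. Separately, `ssl_session_timeout 1d;` does little without a session cache, which the removed include presumably supplied; consider adding `ssl_session_cache shared:SSL:10m;` beside it. The server block continues outside the hunk.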