diff --git a/sls/nginx/files/nginx.conf.tpl b/sls/nginx/files/nginx.conf.tpl
index dcdd1d36..4fca32b5 100644
--- a/sls/nginx/files/nginx.conf.tpl
+++ b/sls/nginx/files/nginx.conf.tpl
@@ -59,6 +59,9 @@ http {
 ssl_protocols {{ ssl_protocols }};
 ssl_prefer_server_ciphers on;
 ssl_ciphers {{ ssl_ciphers }};
+ {% for cmd, val in ssl_conf_command %}
+ ssl_conf_command {{ cmd }} "{{ val }}";
+ {% endfor %}
 {% if ssl_dhparam %}
 ssl_dhparam {{ ssl_dhparam }};
 {% endif %}
diff --git a/sls/nginx/service.sls b/sls/nginx/service.sls
index 0934f37d..89108419 100644
--- a/sls/nginx/service.sls
+++ b/sls/nginx/service.sls
@@ -22,6 +22,8 @@ 'ECDH-ECDSA-AES128-SHA', 'ECDH-RSA-AES128-SHA', 'DHE-RSA-AES128-SHA', 'AES128-SHA256', 'AES128-SHA', '!3DES', '!MD5', '!aNULL', '!EDH']) -%}
+{# The structure is [(command, value), ...] #}
+{% set ssl_conf_command = salt.pillar.get('nginx:ssl:conf_command', []) %}
 {% set ssl_dhparam = salt.pillar.get('nginx:ssl:dhparam', False) %}
 {% set ssl_ecdh_curve = salt.pillar.get('nginx:ssl:ecdh_curve', 'auto') %}
 {% set ssl_session_tickets = salt.pillar.get('nginx:ssl:session_tickets', True) %}
@@ -83,6 +85,7 @@ nginx-reload:
 disable_server_tokens: {{ disable_server_tokens }}
 ssl_protocols: "{{ ssl_protocols }}"
 ssl_ciphers: "{{ ':'.join(ssl_ciphers) }}"
+ ssl_conf_command: [{% for c,v in ssl_conf_command %}("{{c}}","v"),{% endfor %}]
 ssl_dhparam: {{ ssl_dhparam }}
 ssl_ecdh_curve: "{{ ssl_ecdh_curve }}"
 proxy_ssl_protocols: "{{ proxy_ssl_protocols }}"
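Review bot: The added `ssl_conf_command {{ cmd }} "{{ val }}";` line in nginx.conf.tpl writes both pillar fields into the config unescaped, so a value containing `"` or `;` ends the directive early and the remainder is parsed as further nginx configuration. Pillar data is normally operator-controlled, but rejecting or escaping those characters before rendering, or at least documenting the restriction, would keep a typo from silently changing the TLS setup. The directive is only available from nginx 1.19.4, so on an older package a non-empty pillar makes the config test fail. A comment above the loop such as `# ssl_conf_command needs nginx >= 1.19.4; OpenSSL commands set here may override ssl_protocols/ssl_ciphers above` would record both constraints. The `http` block starts and ends outside the hunk.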
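Review bot: The comment added above the `ssl_conf_command` set line in service.sls describes the pillar as tuples, which YAML pillar data cannot express, and nothing checks the shape before the `for c,v in ...` unpacking used later. A mapping, or a plain string entry that happens to be two characters long, would either fail at render time or be split into a bogus command/value pair. I would reword it with a constructed example, `{# nginx:ssl:conf_command is a list of two-item lists, e.g. [["Options", "PrioritizeChaCha"]]; each pair becomes one ssl_conf_command directive #}`.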
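Review bot: In the added `ssl_conf_command:` context line of service.sls the second element is the literal `"v"` rather than `"{{v}}"`, so every configured command would be rendered with the value `v` and the intended OpenSSL setting is never applied. The `("…","…")` tuple syntax is also not YAML, so the state will probably fail to parse as soon as the pillar list is non-empty; the default `[]` hides both problems. Serialising the list directly avoids the hand-built quoting: `ssl_conf_command: {{ ssl_conf_command | json }}`. The `nginx-reload` state starts and ends outside the hunk.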