here is the config that will solve all your problems ...you want ssl, non ssl, multiple sites etc... just add the proper config like so...14 hours, on this! i got it though and I need to share because i know people want to know this. You have been waiting for 4 months... now my config includes hhvm, redis, wordpress multisite, and a cdn... so that's where the mime types come in... as you can see my setup is very complex and unique as all of ours are...but the first two lines are the answers to your problems..it tells nginx to listen on 80 and 443 for both domain.com and subdomain.domain.com with a wildcard... dipphie helmen up! sorry i just love that name:

• i changed the values of the key and crt name for security purposes in this response...my config has the proper names ..just make sure you tell nginx the actual locations.
  

server {
listen 80;
listen 443;
servername jurisdesk.com *.jurisdesk.com;
ssl on;
sslcertificate /var/www/jurisdesk.com/cert/example.com.crt;
sslcertificatekey /var/www/jurisdesk.com/cert/example.com.key;

accesslog /var/log/nginx/jurisdesk.com.access.log rtcacheredis;
errorlog /var/log/nginx/jurisdesk.com.error.log;

root /var/www/jurisdesk.com/htdocs;

index index.php index.html index.htm;

include common/redis-hhvm.conf;

include common/wpcommon.conf;
include common/locations.conf;
include /var/www/jurisdesk.com/conf/nginx/*.conf;

location ~ .(ttf|ttc|otf|eot|woff|woff2|font.css|css|js)$ {
add_header Access-Control-Allow-Origin "*";
}

}

server {
listen 80;
servername www.jurisdesk.com;
return 301 https://jurisdesk.com$requesturi;
}