diff --git a/nginx/nginx.conf b/nginx/nginx.conf
index 9b8144d4..108fdf63 100644
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -51,17 +51,17 @@ http {
     ssl_session_cache shared:SSL:10m;
     ssl_session_timeout 1d;
     # maintained by nginx-rotate-session-ticket-keys in ramfs
-    ssl_session_ticket_key /etc/nginx/session-ticket-keys/4.key;
-    ssl_session_ticket_key /etc/nginx/session-ticket-keys/3.key;
-    ssl_session_ticket_key /etc/nginx/session-ticket-keys/2.key;
-    ssl_session_ticket_key /etc/nginx/session-ticket-keys/1.key;
+    ssl_session_ticket_key session-ticket-keys/4.key;
+    ssl_session_ticket_key session-ticket-keys/3.key;
+    ssl_session_ticket_key session-ticket-keys/2.key;
+    ssl_session_ticket_key session-ticket-keys/1.key;
     ssl_buffer_size 4k;
 
     ssl_trusted_certificate /etc/letsencrypt/live/grapheneos.org/chain.pem;
     ssl_stapling on;
     ssl_stapling_verify on;
     # maintained by certbot-ocsp-fetcher
-    ssl_stapling_file /etc/nginx/ocsp-cache/grapheneos.org.der;
+    ssl_stapling_file ocsp-cache/grapheneos.org.der;
 
     access_log /var/log/nginx/access.log combined buffer=64k flush=1m;
     error_log /var/log/nginx/error.log;