server {# 侦听443端口，这个是ssl访问端口listen    443;# 定义使用访问域名，修改成自己的域名server_name  www.xxx.com;# 注意这些路径是相对于/etc/nginx/nginx.conf文件位置ssl on;ssl_certificate cert/2517083_www.xxx.com.pem; # 修改成自己的证书名称，以下同ssl_certificate_key cert/2517083_www.xxx.com.key;ssl_session_timeout 5m;ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # 按照这个协议配置ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; # 按照这个套件配置ssl_prefer_server_ciphers on;location / {proxy_pass          http://127.0.0.1:8090; # 根据自己Web运行端口进行修改proxy_set_header    X-Real-IP $http_x_forwarded_for;proxy_set_header    X-REMOTE-ADDR $remote_addr;proxy_set_header    X-Forwarded-For $http_x_forwarded_for;proxy_set_header    PROXY-ADD-X-Forwarded-For $proxy_add_x_forwarded_for;proxy_connect_timeout    90;proxy_send_timeout       90;proxy_read_timeout       90;}
}server {# 80端口是http正常访问的接口listen 80;server_name www.xxx.com; # 修改成自己的域名# 在这里，我做了https全加密处理，在访问http的时候自动跳转到httpsrewrite ^(.*) https://$host$1 permanent;location / {proxy_pass          http://127.0.0.1:8090; # 根据自己Web运行端口进行修改proxy_set_header    X-Real-IP $http_x_forwarded_for;proxy_set_header    X-REMOTE-ADDR $remote_addr;proxy_set_header    X-Forwarded-For $http_x_forwarded_for;proxy_set_header    PROXY-ADD-X-Forwarded-For $proxy_add_x_forwarded_for;proxy_connect_timeout    90;proxy_send_timeout       90;proxy_read_timeout       90;}
}

nginx -t
nginx -s reload