server {
listen 443 ssl; #监听https 443端口
server_name www.XXXX.com;
client_max_body_size 260M;
#这下面的就是配置https的证书,需要从阿里云去申请或购买,然后下载对应nginx的证书,放到相对路径cert下
ssl_certificate cert/2367623_www.XXXX.com.pem;
ssl_certificate_key cert/2367623_www.XXXX.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on; location / { #这里是配置静态资源
root /usr/local/XXXX/html/www/offcialWebsite;
index index.html index.htm;
} location /official { #拦截的请求转发到对应的请求地址
proxy_pass http://localhost:8089; proxy_connect_timeout 300s;
proxy_send_timeout 300s;
proxy_read_timeout 300s;
}
}
server {
listen 80; #80端口转发到https
server_name www.XXXX.com;
rewrite ^(.*)$ https://$host$1 permanent;
}