nginx 443 https mark

#user nobody;

worker_processes 4;

#error_log logs/error.log;

#error_log logs/error.log notice;

#error_log logs/error.log info;

#pid logs/nginx.pid;

events {

worker_connections 1024;

}

http {

include mime.types;

default_type application/octet-stream;

log_format main '$remote_addr - $remote_user [$time_local] "$request" '

'$status $body_bytes_sent "$http_referer" '

'"$http_user_agent" "$http_x_forwarded_for"';

#access_log logs/access.log main;

sendfile on;

#tcp_nopush on;

#keepalive_timeout 0;

keepalive_timeout 65;

#gzip on;

upstream weixin {

server 192.168.1.18:8903 max_fails=3 fail_timeout=30s;

}

server {

listen 443;

server_name weixin.efunbox.cn;

ssl on;

root html;

index index.html index.htm;

ssl_certificate /usr/local/nginx-1.10.2/cert/214068604010664.pem;

ssl_certificate_key /usr/local/nginx-1.10.2/cert/214068604010664.key;

ssl_session_timeout 5m;

ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_prefer_server_ciphers on;

access_log /data/logs/nginx/weixinapp.log main;

location / {

proxy_pass http://weixin;

proxy_http_version 1.1;

proxy_set_header Upgrade $http_upgrade;

proxy_set_header Connection "upgrade";

#proxy_set_header host $host;

proxy_set_header X-forwarded-for $proxy_add_x_forwarded_for;

proxy_set_header X-real-ip $remote_addr;

}

}

include vhosts/*.conf;

}