nginx.conf
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream wsssvr {
server 127.0.0.1:8800; //真实websocket访问地址
}
server {
listen 8888 ssl;##设置端口
server_name www.xxx.cn;##设置域名
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_certificate www.xxx.cn.cer;##crt文件路径
ssl_certificate_key www.xxx.cn.key;##密钥路径
location / {
proxy_pass http://wsssvr;##实际访问的地址
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real_IP $remote_addr;
proxy_read_timeout 600s;
proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
}
}
}