server { listen 443 ssl; #监听https 443端口 server_name www.XXXX.com; client_max_body_size 260M; #这下面的就是配置https的证书,需要从阿里云去申请或购买,然后下载对应nginx的证书,放到相对路径cert下 ssl_certificate cert/2367623_www.XXXX.com.pem; ssl_certificate_key cert/2367623_www.XXXX.com.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE; ssl_prefer_server_ciphers on; location / { #这里是配置静态资源 root /usr/local/XXXX/html/www/offcialWebsite; index index.html index.htm; } location /official { #拦截的请求转发到对应的请求地址 proxy_pass http://localhost:8089; proxy_connect_timeout 300s; proxy_send_timeout 300s; proxy_read_timeout 300s; } } server { listen 80; #80端口转发到https server_name www.XXXX.com; rewrite ^(.*)$ https://$host$1 permanent; }