nginx怎么配置ssl

server?{????????listen?443;????????server_name?www.domain.com;?#填寫綁定證書的域名 ????????ssl?on;????????ssl_certificate?1_www.domain.com_bundle.crt;????????ssl_certificate_key?2_www.domain.com.key;????????ssl_session_timeout?5m;????????ssl_protocols?TLSv1?TLSv1.1?TLSv1.2;?#按照這個協議配置 ????????ssl_ciphers?ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照這個套件配置 ????????ssl_prefer_server_ciphers?on;????????location?/?{????????????root???html;?#站點目錄 ????????????index??index.html?index.htm; ????????} ????}

server?{????????listen?443;????????server_name?blog.domain.com;?#填寫綁定證書的域名 ????????ssl?on;????????ssl_certificate?blog.domain.com_bundle.crt;????????ssl_certificate_key?blog.domain.com.key;????????ssl_session_timeout?5m;????????ssl_protocols?TLSv1?TLSv1.1?TLSv1.2;?#按照這個協議配置 ????????ssl_ciphers?ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;#按照這個套件配置 ????????ssl_prefer_server_ciphers?on;????location?/?{????????????????proxy_pass?http://localhost:81;????????????????proxy_redirect?off;????????????????proxy_set_header????????Host????$host;????????????????proxy_set_header????????X-Real-IP???????$remote_addr;????????????????proxy_set_header????????X-Forwarded-For?$proxy_add_x_forwarded_for;????????????????proxy_next_upstream?error?timeout?invalid_header?http_500?http_502?http_503?http_504;????????????????proxy_max_temp_file_size?0;????????????????proxy_connect_timeout?90;????????????????proxy_send_timeout?90;????????????????proxy_read_timeout?90;????????????????proxy_buffer_size?4k;????????????????proxy_buffers?4?32k;????????????????proxy_busy_buffers_size?64k;????????????????proxy_temp_file_write_size?64k; ????} }

http?{????#?沈略部分 ????server?{????????rewrite?^(.*)?https://$host$1?permanent; ????} }