ubuntu下用nginx搭建https和wss

https 和 wss
1.申请证书, 暂时申请的是腾讯云的域名型（DV）免费SSL证书 我们用到时ng
证书申请
证书安装指引
2.配置config
在nginx 设置重定向，以下为参考配置

upstream wxgame {
    #运行https的服务或者应用
    server 127.0.0.1:8091;
    keepalive 16;
}

upstream websocket {
    #运行websocket的服务或者应用
    server 127.0.0.1:8092;
}

#设置 基于http请求 upgrade 为websocket
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

server {
    listen 80;

    server_name localhost;
    charset     utf-8;
    access_log      /var/log/nginx_http_access.log;
    error_log       /var/log/nginx_http_error.log;
    client_max_body_size 75M;


    location / {
        try_files $uri $uri/ =404;
    }
    # 设置http访问时自动重定向至 https
    rewrite ^ https://$http_host$request_uri? permanent;
}

server {
    listen 443;
    server_name localhost www.1906s.com;

    ssl on;
    ssl_certificate 1_www.1906s.com_bundle.crt; #申请Nginx的证书
    ssl_certificate_key 2_www.1906s.com.key; #申请Nginx的证书

    ssl_session_timeout 5m;

    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
    ssl_prefer_server_ciphers on;


    # 路径代理转发至上面的 upstream websocket
    location /wss {
        access_log /var/log/nginx/come-websocket.log;
        proxy_pass  http://websocket;
        proxy_read_timeout 300s;
        proxy_set_header Host $host;
        proxy_set_header X-Real_IP $remote_addr;
        proxy_set_header X-Forwarded-for $remote_addr;

        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'Upgrade';
    }

    # 路径代理转发至上面的 upstream wxgame 
    location /wxgame {
        proxy_pass  http://wxgame;
    }

    location / {
        include     /etc/nginx/uwsgi_params;
        uwsgi_pass  127.0.0.1:8090;
    }
}

更多nginx反向代理配置参考说明请看https://www.cnblogs.com/Miss-mickey/p/6734831.html