nginx配置ssl和websocket（wss）

nginx全部配置如下

#user  nobody;
worker_processes 4;
#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
#pid        logs/nginx.pid;
events {
     worker_connections 40960;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';
    #access_log  logs/access.log  main;
     sendfile  on;
    #tcp_nopush     on;
    #keepalive_timeout  0;
     keepalive_timeout 65;
    #gzip  on;
    # another virtual host using mix of IP-, name-, and port-based configuration
    #
	#upstream upstream_name{
    #    server 120.55.101.185:7777;
    #    server 123.57.151.153:8080;
    #}
    #server {
    #    listen       8086;
    #    listen       127.0.0.1;
    #   server_name  127.0.0.1  alias  another.alias;
    #    location / {
    #        root   html;
    #        index  index.html index.htm;
	#		 proxy_pass http://upstream_name;
	#		proxy_set_header Host $host;
    #    }
    #}
	#include vhosts.conf;
    map $time_iso8601 $logdate {
        '~^(?\\d{4}-\\d{2}-\\d{2})' $ymd;
        default                       'date-not-found';
    }
	include vhosts/*.conf;
    # HTTPS server
    # 
	map $http_upgrade $conn_upgrade {
      default upgrade;
      '' close;
    }
	upstream websocket {  
		server 127.0.0.1:9980;  
	}  
	
	server {
		listen 443 ssl;		
		server_name gantu***ba.kaima.site; 
		root html;
		index index.html index.htm;
		ssl_certificate cert/cert.pem;  
		ssl_certificate_key cert/cert.key; 
		ssl_session_timeout 5m;
		ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
		
		ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; 
		ssl_prefer_server_ciphers on;
		location / {
			root html;  
			index index.html index.htm;
			proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connetion $conn_upgrade;
			proxy_pass http://139.196.14.46:9980;
		}
	}
	server {		
		listen 80;
		server_name gan**ba.kaima.site;		
		root C:\\phpstudy_pro\Extensions\Nginx1.15.11\html\dist;
		
		location ~* ^/(code|auth|admin|gen|ganorder|ganproduct|ganmember) {		   
		   proxy_pass http://127.0.0.1:9999;
		   #proxy_set_header Host $http_host;		   
		   proxy_connect_timeout 15s;		   
		   proxy_send_timeout 15s;		   
		   proxy_read_timeout 15s;
		   proxy_set_header X-Forwarded-Proto http;
		   proxy_set_header X-Real-IP $remote_addr;
           proxy_set_header x-forwarded-for  $remote_addr;
		   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		}
	}
    #server {
    #    listen       443 ssl;
    #    server_name  localhost;
    #    ssl_certificate      cert.pem;
    #    ssl_certificate_key  cert.key;
    #    ssl_session_cache    shared:SSL:1m;
    #    ssl_session_timeout  5m;
    #    ssl_ciphers  HIGH:!aNULL:!MD5;
    #    ssl_prefer_server_ciphers  on;
    #    location / {
    #        root   html;
    #        index  index.html index.htm;
    #    }
    #}
     client_max_body_size 50m;
     client_body_buffer_size 60k;
     client_body_timeout 60;
     client_header_buffer_size 64k;
     client_header_timeout 60;
     error_page 400 /error/400.html;
     error_page 403 /error/403.html;
     error_page 404 /error/404.html;
     error_page 500 /error/500.html;
     error_page 501 /error/501.html;
     error_page 502 /error/502.html;
     error_page 503 /error/503.html;
     error_page 504 /error/504.html;
     error_page 505 /error/505.html;
     error_page 506 /error/506.html;
     error_page 507 /error/507.html;
     error_page 509 /error/509.html;
     error_page 510 /error/510.html;
     
     keepalive_requests 100;
     large_client_header_buffers 4 64k;
     reset_timedout_connection on;
     send_timeout 60;
     sendfile_max_chunk 512k;
     server_names_hash_bucket_size 256;
}
error_log C:/phpstudy_pro/WWW crit;
worker_rlimit_nofile 100000;

主要代码：如下，共三段

map $http_upgrade $conn_upgrade {
      default upgrade;
      '' close;
    }
    
	upstream websocket {  
		server 127.0.0.1:9980;  
	}  
	#此两行是重要代码
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "Upgrade";
	
	location /exam-admin/websocket {
			root html;  
			index index.html index.htm;
			proxy_pass http://127.0.0.1:9980;
			proxy_set_header Upgrade $http_upgrade;
			proxy_set_header Connection "Upgrade";
		}

如有优化望指正学习