nginx配置ssl以及80强制跳转https443端口配置示例

配置如下，只关注ssl配置部分即可，以及最下面的强制301跳转，即可实现80强制https访问

server {
        listen 443;
        server_name baidu.top;
        ssl on;
        ssl_certificate cert/full_chain.pem;
        ssl_certificate_key cert/private.key;
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        location / {
                proxy_pass http://127.0.0.1:2368;
                proxy_redirect off;
                proxy_set_header        Host    $host;
                proxy_set_header        X-Real-IP       $remote_addr;
                proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
                proxy_max_temp_file_size 0;
                proxy_connect_timeout 90;
                proxy_send_timeout 90;
                proxy_read_timeout 90;
                proxy_buffer_size 4k;
                proxy_buffers 4 32k;
                proxy_busy_buffers_size 64k;
                proxy_temp_file_write_size 64k;
        }
}

server {
    listen  80;
    server_name baidu.top www.baidu.top;
    return 301 https://$server_name$request_uri;
}