user nginx; worker_processes 4; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 10000; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; proxy_connect_timeout 3000; #单位秒 proxy_send_timeout 3000; #单位秒 proxy_read_timeout 3000; #单位秒 sendfile on; keepalive_timeout 65; fastcgi_intercept_errors on; #将80的http请求重定向到https server { listen 80; rewrite ^(.*)$ https://$host$1 permanent; } server { #https的相关配置 listen 443 ssl; server_name xxx.com; #xxx.com是你申请的域名 ssl_certificate /etc/nginx/conf.d/cert/server.crt; #为xxx.com域名申请的证书 ssl_certificate_key /etc/nginx/conf.d/cert/server.key; #为xxx.com域名申请的证书秘钥 ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # 请求行+请求头的标准大小为1m client_header_buffer_size 1m; # 请求行+请求头的最大大小为2, large_client_header_buffers 2 1m; location / { root html; index index.html index.htm; } error_page 404 /404.html; error_page 500 502 503 504 /50x.html; } }