nginx 443 https mark

#user  nobody;

worker_processes  4;

#error_log  logs/error.log;

#error_log  logs/error.log  notice;

#error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {

    worker_connections  1024;

}

http {

    include       mime.types;

    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '

                      '$status $body_bytes_sent "$http_referer" '

                      '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;

    #tcp_nopush     on;

    #keepalive_timeout  0;

    keepalive_timeout  65;

    #gzip  on;

upstream weixin {

        server 192.168.1.18:8903 max_fails=3 fail_timeout=30s;

}

server {

    listen 443;

    server_name weixin.efunbox.cn;

    ssl on;

    root html;

    index index.html index.htm;

    ssl_certificate   /usr/local/nginx-1.10.2/cert/214068604010664.pem;

    ssl_certificate_key  /usr/local/nginx-1.10.2/cert/214068604010664.key;

    ssl_session_timeout 5m;

    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

    ssl_prefer_server_ciphers on;

access_log /data/logs/nginx/weixinapp.log main;

    location / {

proxy_pass http://weixin;

proxy_http_version 1.1;

proxy_set_header Upgrade $http_upgrade;

proxy_set_header Connection "upgrade";

#proxy_set_header host $host;

proxy_set_header X-forwarded-for $proxy_add_x_forwarded_for;

proxy_set_header X-real-ip  $remote_addr;

    }

}

include vhosts/*.conf;

}