使用Nginx配置域名时，将HTTP请求默认监听在80端口上，通过配置重定向规则，将所有80端口的HTTP请求重定向到443端口上的HTTPS请求。然后，将443端口的HTTPS请求反向代理到后端服务的具体端口。

前置条件

• DNS解析

• 安全组放行443，80tcp

• SSL证书

• ICP备案

• 公安备案

nginx.conf

  server {
    listen 80;#域名访问默认80端口
    server_name www.seapigx.icu;
    return 301 https://$host$request_uri;#http重写为https，定向到443端口
}

server {
    listen 443 ssl;
    server_name www.seapigx.icu;#域名


    #ssl证书路径，使用绝对路径
    ssl_certificate /etc/nginx/cert/file.pem;
    ssl_certificate_key /etc/nginx/cert/file.key;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;

    location / {
        proxy_pass http://127.0.0.1:9000;#服务端口
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Port $server_port;

        # 代理设置
        proxy_connect_timeout 60s;
        proxy_send_timeout 60s;
        proxy_read_timeout 60s;
        proxy_buffer_size 128k;
        proxy_buffers 4 256k;
        proxy_busy_buffers_size 256k;
        proxy_temp_file_write_size 256k;
    }

    # 日志配置
    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;
}