nginx hyperf ssl https 环境。hyperf-https-ssl

user nginx nginx;
worker_processes  8;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    upstream hyperf {
        # Hyperf HTTP Server 的 IP 及 端口
        server 127.0.0.1:9501;
    }

    server {
        # 监听端口
        listen 80;
        # 绑定的域名，填写您的域名
        server_name www.heijinli.cn;

        location / {
            # 将客户端的 Host 和 IP 信息一并转发到对应节点  
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

            # 执行代理访问真实服务器
            # proxy_pass http://hyperf;
        }
    }

    # HTTPS server
    #
    server {
        server_name  heijinli.cn;
        listen       443;
        ssl on;

        ssl_certificate      /usr/local/nginx/conf/cert/www.heijinli.cn.cer;
        ssl_certificate_key  /usr/local/nginx/conf/cert/www.heijinli.cn.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  300m;

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !MEDIUM";
        ssl_prefer_server_ciphers  on;

        client_max_body_size 8M;

        location / {
            proxy_redirect off;
            proxy_pass http://127.0.0.1:9501;
            proxy_set_header Host $host;
            proxy_set_header X-Real_IP $remote_addr;
            proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection upgrade;
        }

        #error_page 404 /404.html;
    
        # redirect server error pages to the static page /50x.html
        #
        error_page 500 502 503 504 /50x.html;

        location = /50x.html {
            root /usr/share/nginx/html;
        }

    }

}