nginx ssl 配置 80端口自动转发到443 ssl

server {

    listen 80;

    listen 443 ssl;

    if ($server_port = 80) {

         rewrite ^http://$host https://$host permanent;

         rewrite ^(.*)$ https://$host$1 permanent;

    }

    ssl_certificate /mnt/tmp/ssl/certs/star_we3ew_com.pem;

    ssl_certificate_key /mnt/tmp/ssl/certs/we3ew.key;

    ssl_session_timeout 2m;

    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;

    ssl_ciphers HIGH:!aNULL:!MD5;

····

}

———————————

server {

  listen 443;

  server_name we3ew.com ;

  ssl on;

  ssl_certificate /etc/nginx/ssl/whs.pem;

  ssl_certificate_key /etc/nginx/ssl/whs.key;

  ssl_session_timeout 5m;

  ssl_protocols SSLv3 TLSv1;

  ssl_ciphers HIGH:!ADH:!MD5;

  ssl_prefer_server_ciphers on;

  location / {

    proxy_pass https://192.168.1.20:443;

    proxy_set_header host xxx.homeserver.com;

  }

}