Ubuntu16.04 Nginx配置HTTPS

安装 
apt-get install build-essential
apt-get install libtool
apt-get install libpcre3 libpcre3-dev

apt-get install zlib1g-dev

apt-get install openssl

apt-get install nginx

默认配置文件位置  /etc/nginx/nginx.conf  
默认可执行程序位置  /usr/sbin/nginx

/usr/sbin/nginx    #启动
/usr/sbin/nginx -t #检测配置文件是否正确 
/usr/sbin/nginx -s stop #停止 
/usr/sbin/nginx -s reload #重载配置文件

配置文件内容：

user www-data;
worker_processes auto;
pid /run/nginx.pid;


events {
worker_connections 768;
# multi_accept on;
}


http {
    server {
    listen       443;
    server_name  xx.xx.xx.xx;


    ssl                  on;
    ssl_certificate      /mycert/server.crt; # 自己生成
    ssl_certificate_key  /mycert/server.key; #自己生成


    ssl_session_timeout  5m;


#    ssl_protocols  SSLv2 SSLv3 TLSv1;
#    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
#    ssl_prefer_server_ciphers   on;


    location / {
        root   html;
        index  testssl.html index.html index.htm;
     proxy_redirect off;
     proxy_set_header Host $host;
     proxy_set_header X-Real-IP $remote_addr;
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
     proxy_pass http://115.159.119.234;
    }
}
##
# Basic Settings
##
    
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;


# server_names_hash_bucket_size 64;
# server_name_in_redirect off;


include /etc/nginx/mime.types;
default_type application/octet-stream;


##
# SSL Settings
##


ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;


##
# Logging Settings
##


access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;


##
# Gzip Settings
##


gzip on;
gzip_disable "msie6";


# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;


##
# Virtual Host Configs
##


include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}




#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
# 
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
# 
# server {
# listen     localhost:110;
# protocol   pop3;
# proxy      on;
# }
# 
# server {
# listen     localhost:143;
# protocol   imap;
# proxy      on;
# }
#}