nginx 配置 http 转 https 安装证书

server {
        #listen 80 default_server;
        #listen [::]:80 default_server;
        listen  443 ; #https 443 端口 服务器必须要开放 443端口

        # SSL configuration
        #
        # listen 443 ssl default_server;
        # listen [::]:443 ssl default_server;
        #
        # Note: You should disable gzip for SSL traffic.
        # See: https://bugs.debian.org/773332
        #
        # Read up on ssl_ciphers to ensure a secure configuration.
        # See: https://bugs.debian.org/765782
        #
        # Self signed certs generated by the ssl-cert package
        # Don't use them in a production server!
        #
        # include snippets/snakeoil.conf;

        root /var/www/html/default/public;

        # Add index.php to the list if you are using PHP
        index index.php  index.html ;

        server_name  myinterestis.com www.myinterestis.com ;

        ssl on; # 开启https模块
        ssl_certificate  /var/www/html/default/public/214541076500893.pem;
        ssl_certificate_key  /var/www/html/default/public/214541076500893.key;
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;

        # 默认请求
        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                #反向代理开始 
               # proxy_pass  https://47.95.166.88;
               # proxy_set_header Host      $host;
               # proxy_set_header X-Real-IP $remote_addr;
               # proxy_redirect https:// $scheme://; #做https跳转
               # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
                #反向代理结束
                if (!-e $request_filename) {
                  rewrite  ^(.*)$  /index.php?s=/$1  last;
                  break;
                 }

        }

        # 静态文件处理
        location ~ \.(txt|jpg|png|js|css|static)$ {

          #root   /var/www/html/default/public/.well-known/;
        }

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        #请求分发到 fpm 
        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
        #
        #       # With php7.0-cgi alone:
        #       fastcgi_pass 127.0.0.1:9000;
        #       # With php7.0-fpm:
                fastcgi_pass unix:/run/php/php5.6-fpm.sock;
        }

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #       deny all;
        #}
}


# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
# http 自动跳https
server {
        listen 80;
#       listen [::]:80;
#
        server_name myinterestis.com www.myinterestis.com;
        rewrite ^/(.*) https://$server_name$request_uri? permanent;
#
#       root /var/www/example.com;
#       index index.html;
#
#       location / {
#               try_files $uri $uri/ =404;
#       }
}