server { listen 443 ssl; server_name www.test.com; ssl_protocols TLSv1.2 TLSv1.1 TLSv1; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; #加密算法 location /testapi/ { proxy_pass https://www.test2.cn/testapi/; proxy_set_header Host $proxy_host; proxy_set_header X-Real-IP $remote_addr; proxy_ssl_session_reuse off; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } ssl_certificate test.com.pem; ssl_certificate_key test.com.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_prefer_server_ciphers on;
