Add content based on the current domain name

location /websocket { proxy_pass http://backend; Proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; }Copy the code

#extra/httpd-ssl.conf DocumentRoot “/ website/directory “ServerName domain name

Proxy Config

SSLProxyEngine on

ProxyRequests Off

ProxyPass/WSS ws: / / 127.0.0.1:9000

ProxyPassReverse WSS ws: / / 127.0.0.1:9000

Add SSL protocols to remove insecure protocols

SSLProtocol all -SSLv2 -SSLv3

Modify the encryption suite as follows

SSLCipherSuite HIGH:! RC4:! MD5:! aNULL:! eNULL:! NULL:! DH:! EDH:! EXP:+MEDIUM

SSLHonorCipherOrder on

Certificate Public Key Configuration

SSLCertificateFile /server/httpd/cert/your.pem

Certificate private key configuration

SSLCertificateKeyFile /server/httpd/cert/your.key

Certificate Chain Configuration

SSLCertificateChainFile /server/httpd/cert/chain.pem

Personal Configuration

server {
 listen 443;

 ssl on;
  ssl_certificate /*/*.pem;
  ssl_certificate_key /*/*.key;
  ssl_session_timeout 5m;
  ssl_session_cache shared:SSL:50m;
  ssl_protocols SSLv3 SSLv2 TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;

  location /wss
  {
   proxy_pass http://127.0.0.1:9000;
   proxy_http_version 1.1;
   proxy_set_header Upgrade $http_upgrade;
   proxy_set_header Connection "Upgrade";
    proxy_set_header X-Real-IP $remote_addr;
 }Copy the code