服务器配置nginx和tomcat都使用https协议

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
worker_connections  1024;
}

http {
include       /etc/nginx/mime.types;
default_type  application/octet-stream;

log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';

access_log  /var/log/nginx/access.log  main;

sendfile        on;
#tcp_nopush     on;

keepalive_timeout  65;

#gzip  on;

#include /etc/nginx/conf.d/*.conf;

client_max_body_size 2m;

server_names_hash_bucket_size 2048;

server {
#listen       80;
listen 443  ssl;
server_name  xiaoxiaohei.com.cn;

ssl on;
ssl_certificate /etc/nginx/conf.d/1_www.xiaoxiaohei.com.cn_bundle.crt;
ssl_certificate_key /etc/nginx/conf.d/2_www.xiaoxiaohei.com.cn.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;

location / {
root   /data/web/webapp/public;
index  index.html index.htm index.php;

if (!-e $request_filename) {
rewrite  ^(.*)$  /index.php?s=/$1  last;
break;
}

}

location ~ \.php$ {
root   /data/web/webapp/public;
fastcgi_pass   127.0.0.1:9000;
fastcgi_index  index.php;
fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
include        fastcgi_params;
}
}

server {
#listen       80;
listen 443 ssl;
server_name  wx.xiaoxiaohei.com.cn;

ssl on;
ssl_certificate /etc/nginx/conf.d/1_wx.xiaoxiaohei.com.cn_bundle.crt;
ssl_certificate_key /etc/nginx/conf.d/2_wx.xiaoxiaohei.com.cn.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;

location / {
proxy_pass   http://localhost:8080/; proxy_redirect  off;
proxy_set_header  X-Real-IP $remote_addr;
proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
}

}

}