nginx

server {
            listen 80;
           server_name iot.tosofts.com www.iot.tosofts.com; 
            rewrite ^(.*)$   https://$host$1 permanent;
}
server {
     listen 443 ssl; 
     #填写绑定证书的域名
     server_name iot.tosofts.com www.iot.tosofts.com; 
     #网站主页路径。此路径仅供参考，具体请您按照实际目录操作。
     root C:/0_project/apps/iot.tosofts.com/static/;
     #证书文件名称
     ssl_certificate ssl/iot.tosofts.com_bundle.crt; 
     #私钥文件名称
    ssl_certificate_key ssl/iot.tosofts.com.key; 
     ssl_session_timeout 5m;
     ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
     #文件上传403错误大小限制
     client_max_body_size    10m;

    # 阻止特定文件访问
    location ~* /.bat {
          deny all;
    }

         location /api/ {
                proxy_pass http://localhost:8848/;
                proxy_set_header Host $host;
                proxy_set_header XfromAppId $http_XfromAppId;
                proxy_set_header XownerId $http_XownerId;
                proxy_set_header XsysId $http_XsysId;
                proxy_set_header XuserId $http_XuserId;
                proxy_set_header XverifyApi $http_XverifyApi;
                proxy_set_header Authorization $http_Authorization;
                proxy_set_header XfilterAreaCode $http_XfilterAreaCode;
                proxy_set_header XuserFromFirstShareId $http_XuserFromFirstShareId;
                proxy_set_header XuserFromSecondShareId $http_XuserFromSecondShareId;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

   proxy_http_version 1.1;
   proxy_set_header Upgrade $http_upgrade;
   proxy_set_header Connection "upgrade";
  }

        location @router {
                rewrite ^.*$ /index.html last;
        }
 }

控制websoket代理

   proxy_http_version 1.1;
   proxy_set_header Upgrade $http_upgrade;
   proxy_set_header Connection "upgrade";