nginx 跳转https

nginx强制跳转https配置，通过http状态吗实现，http状态吗地址：

https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/307

301  It is therefore recommended to use the 301 code only as a response for GET or HEAD methods and to use the 308 Permanent Redirect for POSTmethods instead, as the method change is explicitly prohibited with this status.

#cat  conf.d/test.conf

server {

listen 80;
server_name cul.xget.com;

location / {
auth_basic "it's protected";
auth_basic_user_file /data/.htpasswd;
proxy_pass http://10.10.17.31:8500;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
proxy_set_header Access-Control-Allow-Origin *;
proxy_next_upstream http_502 http_504 error timeout invalid_header;
}
listen 443 ssl;
ssl_certificate /root/USSL_TBDmkIc7/Nginx/public.pem;
ssl_certificate_key /root/USSL_TBDmkIc7/Nginx/private.key;
ssl_session_cache shared:le_nginx_SSL:1m; # managed by Certbot
ssl_session_timeout 1440m; # managed by Certbot

ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # managed by Certbot
ssl_prefer_server_ciphers on; # managed by Certbot

ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-SHA384 DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA DHE-RSA-AES128-SHA256 DHE-RSA-AES256-SHA256 EDH-RSA-DES-CBC3-SHA"; # managed by Certbot

if ($scheme != "https"){

return 301 https://$host$request_uri;
}
}