1.申请ssl证书: https://www.joyssl.com/certificate/select/free.html
免费的ssl证书(一般有效期是90天)到期后,则需要重新申请
申请完之后下载证书
然后在证书的“验证信息”页面查看需要添加的解析记录
再到自己的域名控制台
添加这条解析记录(这条是ssl证书验证用的,后面还要添加自己的通配域名)
然后再添加自己的通配域名解析记录
后面就是配置nginx了
docker-compose文件
./nginx/ssl 目录下放的是刚才下载并解压的证书压缩包中 nginx 文件夹里的文件(证书 .crt 和私钥 .key);私钥文件只留在服务器上,不要提交到代码仓库
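services:
  nginx:
    # NOTE(review): `nginx` without a tag resolves to `latest`; pin a specific
    # tag or digest so a later pull cannot silently change the image.
    image: nginx
    container_name: nginx
    # Host networking: the container shares the host's network stack, so nginx
    # binds whatever its `listen` directives name directly on the host, on all
    # interfaces. Restrict exposure with the host firewall, not with `ports:`.
    # Published ports have no effect in this mode (Docker discards them and
    # some Compose versions reject the combination), so the original
    # "8088:80" and "443:443" mappings are left out. To use bridge networking
    # instead, remove network_mode and restore them as quoted strings.
    network_mode: host
    volumes:
      - ./nginx/nginx.conf:/etc/nginx/nginx.conf
      - ./nginx/conf.d:/etc/nginx/conf.d
      - ./nginx/html:/etc/nginx/html
      # This bind mount replaces the container's whole /var/log. The server
      # block on this page logs to /var/log/nginx/, and nginx does not create
      # missing log directories, so ./nginx/log/nginx must exist on the host.
      - ./nginx/log:/var/log/
      # Certificate and private key: read-only, since nginx only reads them.
      # Keep the key file out of version control and readable by its owner
      # only on the host.
      - ./nginx/ssl:/etc/nginx/ssl:ro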
nginx.conf 不用动, 参照上一篇文档
conf.d中的.conf文件如下
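# HTTPS reverse proxy: terminates TLS on 443 and forwards every request to the
# backend at 172.17.0.1:80 over plain HTTP.
server {
    listen 443 ssl;
    server_name localhost;  # replace with your own domain

    ssl_certificate     /etc/nginx/ssl/xxxxxx.crt;  # change to your certificate path
    ssl_certificate_key /etc/nginx/ssl/xxxx.key;    # change to your private key path

    # TLS 1.0 and 1.1 are deprecated (RFC 8996) and are no longer offered.
    ssl_protocols TLSv1.2 TLSv1.3;
    # Applies to TLS 1.2 and below; TLS 1.3 suites are not selected by this
    # directive. Only ECDHE key exchange with AEAD ciphers is listed: the
    # original list also allowed 3DES, static-RSA key exchange (no forward
    # secrecy) and CBC suites. Very old clients that need those will no longer
    # connect.
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;
    ssl_prefer_server_ciphers on;
    ssl_session_timeout 10m;
    ssl_buffer_size 1400;

    # NOTE(review): stapling needs the issuer certificate, either as
    # intermediates inside the ssl_certificate file or through
    # ssl_trusted_certificate, and a `resolver` for the OCSP responder's
    # hostname. Neither is set here; confirm stapling actually works.
    ssl_stapling on;
    ssl_stapling_verify on;

    # `access_log on;` was removed: the directive takes a path or `off`, so
    # `on` made nginx write a second access log to a file literally named "on".
    access_log /var/log/nginx/vx.access.log;
    error_log  /var/log/nginx/vx.error.log;

    index index.html index.htm index.php;

    # The `if ($ssl_protocol = "")` redirect was removed: this server only
    # listens with `ssl`, so $ssl_protocol is never empty and the branch could
    # not run. An HTTP-to-HTTPS redirect belongs in a separate server block
    # that listens on the plain-HTTP port and redirects to a fixed host name
    # rather than the client-supplied $host.

    location / {
        # No proxy_set_header lines are active, so the backend receives
        # Host: 172.17.0.1 (nginx's default $proxy_host) and no
        # X-Forwarded-* information about the original client or scheme.
        proxy_pass http://172.17.0.1:80/;
        # include proxy.conf;
    }
}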
启动,完事!