Windows

**1. Create a new https.conf configuration file and copy the following code into the file.**

***Areas to pay attention to for modification:***

- Change the `listen 443 ssl` to another port number of your choice.

- Update the paths for `ssl_certificate` and `ssl_certificate_key` to the actual locations of your certificate files.

```html
server {
    listen 443 ssl;
    server_name localhost;
    error_page 497 400 https://$http_host$request_uri;
    ssl_certificate      C:\cert\cloudlark.pingxingyun.com_bundle.crt;  # Path to the certificate's crt file
    ssl_certificate_key  C:\cert\cloudlark.pingxingyun.com.key;  # Path to the certificate key file
    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout 5m;
    ssl_protocols SSLv2 SSLv3 TLSv1 TLSv1.2;
    resolver_timeout 5s;
    keepalive_timeout 60;

# View backend service status
    location /nginxstatus {
        stub_status on;
        access_log off;
    }

location /static {
        index index.html;
        alias  ./admin-front;
    }

#-------------------------------------------------------------
    # Use precise matching to allow direct access to static pages using the domain name without /index
    # An additional precise match for /index.html is necessary, or else a 404 error will occur
    #
    # location /index {
    #     root  ./admin-front;
    location = / {
        root  ./admin-front/index;
        index index.html;
    }
    location = /index.html {
        root ./admin-front/index;
        #index index.html;
    }
    #-------------------------------------------------------------

location /webclient {
        index index.html;
        root ./admin-front;
    }
    
    # Forward Minio images
    location ^~ /image/ {
        proxy_pass http://localhost:9000/image/;
    }
}
	
 location / {
    proxy_pass http://larkxr-admin/;
    proxy_cookie_path / /;
    proxy_http_version 1.1;
    proxy_set_header Host $host:$server_port;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header REMOTE-HOST $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Real-Proto https;
    # Used to solve the problem of getRequestURL method not being able to obtain requests with the https protocol, 
    # using request.getHeader("X-Forwarded-Scheme") to obtain the protocol header
    proxy_set_header X-Forwarded-Scheme  $scheme;
    proxy_redirect http:// https://;
    client_max_body_size  100m;
    # Default value is 60s, the timeout period for nginx to connect to the backend server
    # If the backend service is down, it will wait until this time before timing out. 
    # During this time, other requests will still be allocated to this node, 
    # and it will only be marked as offline after triggering a timeout. 
    # This results in a large number of connections waiting, putting pressure on the server, 
    # and a large number of requests being directed to this node, all of which will be inaccessible, 
    # reducing availability and user experience.
    # Also, if the frontend page's timeout is shorter than this value, it will result in the frontend page timing out prematurely, 
    # returning a 499 error.
    # If the frontend page timeout is set to 3s, try to set this value to below 3s.
    proxy_connect_timeout 2;
    # Default value is 60s
    proxy_send_timeout 60;
    # Default value is 60s
    proxy_read_timeout 60;
}

# Can also be written as: location ^~ /websocket { indicating non-regex matching. 
# Once a match is found starting with /websocket, the regular search stops, while general matching continues.
location /websocket {
    proxy_pass http://larkxr-admin;
    proxy_http_version 1.1;
    proxy_set_header Host $host:$server_port;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header REMOTE-HOST $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Real-Proto https;
    # Upgrade to the WebSocket protocol
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    client_max_body_size 1m;
    # Default value is 60s, the timeout period for nginx to connect to the backend server
    # If the backend service is down, it will wait until this time before timing out. 
    # During this time, other requests will still be allocated to this node, 
    # and it will only be marked as offline after triggering a timeout. 
    # This results in a large number of connections waiting, putting pressure on the server, 
    # and a large number of requests being directed to this node, all of which will be inaccessible, 
    # reducing availability and user experience.
    # Also, if the frontend page's timeout is shorter than this value, it will result in the frontend page timing out prematurely, 
    # returning a 499 error.
    # If the frontend page timeout is set to 3s, try to set this value to below 3s.
    proxy_connect_timeout 2;
    # Default value is 60s
    proxy_send_timeout 60;
    # Default value is 60s
    proxy_read_timeout 60;
}

location ^~ /appli/upload {
    proxy_pass http://larkxr-admin/appli/upload;
    proxy_cookie_path / /;
    proxy_http_version 1.1;
    proxy_set_header Host $host:$server_port;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header REMOTE-HOST $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Real-Proto https;
    # Used to solve the issue where getRequestURL method cannot get the https protocol request, use request.getHeader("X-Forwarded-Scheme") to get the protocol header
    proxy_set_header X-Forwarded-Scheme  $scheme;
    # add_header 'Access-Control-Allow-Origin' '*';
    # add_header 'Access-Control-Allow-Credentials' 'true';
    # add_header Access-Control-Allow-Methods '*';
    # add_header 'Access-Control-Allow-Headers' *;
    client_max_body_size  10240m;
    proxy_connect_timeout 2;
    proxy_send_timeout    60;
    # Default is 60, when uploading large files, a 504 error occurs, so increase the timeout limit
    proxy_read_timeout    7200;
}

location ^~ /appli/sliceUpload {
    proxy_pass http://larkxr-admin/appli/sliceUpload;
    proxy_cookie_path / /;
    proxy_http_version 1.1;
    proxy_set_header Host $host:$server_port;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header REMOTE-HOST $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Real-Proto https;
    # Used to solve the issue where getRequestURL method cannot get the https protocol request, use request.getHeader("X-Forwarded-Scheme") to get the protocol header
    proxy_set_header X-Forwarded-Scheme  $scheme;
    # add_header 'Access-Control-Allow-Origin' '*';
    # add_header 'Access-Control-Allow-Credentials' 'true';
    # add_header Access-Control-Allow-Methods '*';
    # add_header 'Access-Control-Allow-Headers' *;
    client_max_body_size  10240m;
    proxy_connect_timeout 2;
    proxy_send_timeout    60;
    # Default is 60, when uploading large files, a 504 error occurs, so increase the timeout limit
    proxy_read_timeout    7200;
}

}
```
**2. Place the newly created configuration file in the following directory**

![](https://docs.paraverse.cc/media/202504/df6c967f0913445ba8b58fd15336705e6021.png)

**3. Restart the nginx service**

![](https://docs.paraverse.cc/media/202504/bbb90223952e4680978c3c9eaad2ad222915.png)