server {
listen 80;
    server_name {host};
    return 301 https://$host$request_uri;
}

server {
    server_name {host};
    listen 443;
    ssl_certificate           /etc/nginx/ssl/otelms.crt;	
    ssl_certificate_key       /etc/nginx/ssl/otelms.key;
  
    ssl on;
    ssl_session_cache  builtin:1000  shared:SSL:10m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;
    location / {
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_pass                    https://{host_pass};
	proxy_ssl_protocols           TLSv1 TLSv1.1 TLSv1.2;
	proxy_ssl_ciphers             HIGH:!aNULL:!MD5;
	proxy_buffer_size   64k;
	proxy_buffers   4 64k;
	proxy_busy_buffers_size   64k;
    }
}