nginx 反向代理微信服务器问题

需求： 内网服务器 B 需要访问微信服务器，所以做反向代理

环境配置: 服务器 A 能访问外网 172.16.0.7 服务器 B 不能访问外网

修改服务器 B 的 hosts 文件，域名指向服务器 A 172.16.0.7 mp.weixin.qq.com

服务器 A 的 nginx 配置

server { listen 80; server_name mp.weixin.qq.com; location / { index index.html; proxy_pass https://mp.weixin.qq.com; proxy_redirect off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_set_header X-Forwarded-proto https; } } server { listen 443; server_name mp.weixin.qq.com; #charset koi8-r; ssl on; ssl_certificate /usr/local/nginx/conf/bundle.crt; ssl_certificate_key /usr/local/nginx/conf/b.key; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:-LOW:!aNULL:!eNULL; ssl_prefer_server_ciphers on; #access_log logs/host.access.log main; location / { index index.html; proxy_pass https://mp.weixin.qq.com; proxy_redirect off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_set_header X-Forwarded-proto https; } } 

结果： 在服务器 B 访问

http 访问正常

#curl http://mp.weixin.qq.com/cgi-bin/component {"errmsg":"System Error!!!"} 

https 访问失败

#curl https://mp.weixin.qq.com/cgi-bin/component curl: (51) Unable to communicate securely with peer: requested domain name does not match the server's certificate. 

问题：nginx 改如何配置能够转发 https 的请求