server {
    listen 443 ssl;

    server_name xxx.xx.io

    ssl on;
    ssl_certificate /etc/asterisk/certs/xxx.io.pem;
    ssl_certificate_key /etc/asterisk/certs/xxx.io.key;

    ssl_session_timeout 5m;
    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;

    #prevent 502 bad gateway
    #large_client_header_buffers 8 32;

    location / {

        # prevents 502 bad gateway error
        proxy_buffers 8 32k;
        proxy_buffer_size 64k;

        # redirect all HTTP traffic to localhost:8088;
        proxy_pass http://0.0.0.0:8088/ws;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        #proxy_set_header X-NginX-Proxy true;

        # enables WS support
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        proxy_read_timeout 999999999;

    }
}