Rasa + nginx reverse proxy setup

Hey guys! I followed https://forum.rasa.com/t/rasa-server-running-as-https-not-working/33293 to set up HTTPS, but I can only access it using HTTP and not HTTPS. On a post request, I get the following error -

*SSLError: HTTPSConnectionPool(host=‘mydomain.com’, port=5005): Max retries exceeded with url: /webhooks/rest/webhook (Caused by SSLError(SSLError(1, ‘[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1123)’)))*

Here’s my docker-compose.yml

version: '3.8'
services:
  bot:
    env_file:
      - env_bot.env
    image: ${DOCKER_HUB}/${DOCKER_REPO}/${DOCKER_IMAGE}:${DOCKER_TAG}
    container_name: application_chatbot
    build:
      context: ./build
      dockerfile: Dockerfile
    #volumes:
    #  - ./out:/out
    command: bash -c "python conversational_bot/start_script/launch_v2.py && /bin/sh"
    tty: true
    ulimits:
      memlock: -1
    networks:
      - organic_network
    ports:
      - 5005:5005
  mongo:
    container_name: organic_mongo_b
    image: library/mongo:latest
    volumes:
      - /tmp/mongodb:/data/db:Z
    networks:
      - organic_network
    # this should just expose this port to internal services, not to outside
    expose:
      - 27017
  nginx:
    container_name: nginx
    image: nginx
    ports:
      - 80:80
      - 443:443
    volumes:
      - ./nginx:/etc/nginx/conf.d
      #I kept my SSL certs in a certs folder in project directory (Make sure to include this in .gitignore)
      - ./certs:/etc/letsencrypt/live/mydomain.com
    depends_on:
      - bot
    networks:
      - organic_network

networks:
  organic_network:
   name: global_organic_network

and here is my nginx default conf file -

upstream application_chatbot {
    server application_chatbot:5005;
}

#change your domain name to localhost if testing locally
#listen on port 80 (default port for non-encrypted messages)
#if testing locally, <your_domain_name> is localhost
server {
    listen	 80;
    server_name  mydomain.com ;

#reverse proxy to rasa container
    location / {
        proxy_pass  http://application_chatbot;
    }
}

#comment out this block if you are testing locally
#listen to port 443 (default port for encrypted messages)
server {
      listen 443 ssl;
      server_name mydomain.com ;

  #points to ssl certificates that we will move to nginx docker container in docker compose
      ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
      ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
      ssl_trusted_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;

  #reverse proxy to rasa container
      location / {
          proxy_pass  http://application_chatbot;
      }
}

Wondering if you have any thoughts/inputs on what I’m doing wrong. New to both docker and rasa so, some help would be really appreciated.

Thanks!

Turns out, the nginx container wasn’t getting access to the certificates. I missed the :Z in the volume in the docker-compose.yml file.