No, I think this is because of the regular expression and lack of rewrite if you need something not "direct".
If you look at my example, it works because I do not rewrite anything.
That's the reason why I suggest to start with the very basics: ensure the reverse proxy stuff relays properly to target server.
Once this works, you can fine tune. Devil is in the detail when it comes to rewrite.
Regarding HTTPS, I had no time, last night, to react because I launched 2.2 migration that failed
and I needed to fix it.
you need to:
- enable HTTPS at Nginx level because client will need HTTPS. This is one certificate matching name of exposed server (the Nginx one) and you may also need to add the public part of CA having signed certificate on target server so that Nginx, as client (because in proxy mode, it acts as client too) can connect to target server, validating target certificate. But I saw you sorted it out