ODK-X Sync Endpoint: HTTPS and nonstandard ports

With a lot of trial and error I got both HTTPS and nonstandard ports working on ODK-X Sync Endpoint. I wanted to share the steps I did here so that 1) someone with access to modify the documentation can make it more complete, or 2) someone can tell me if I did something wrong.
For HTTPS, it took me a little bit to realize the “certificate public key” was not just the primary certificate that I used in Apache for a web server at the same domain, but also needed to include the intermediate certificate for my CA and the trusted root certificate. For Digicert, I was able to log in and download a single pem that worked perfectly. Also, in the nginx section in docker-compose.yml I needed to change com.nginx.sync-endpoint.conf to ./config/nginx/sync-endpoint-https.conf.
I am using nonstandard ports because I am running Sync Endpoint in a virtual machine on the same physical host with my web server, and using NAT to access it. If I passed from a nonstandard port on the outside to standard ports on the inside nginx was not able to properly rewrite addresses to access web-ui and odktables. Here are the changes I made to match the internal ports to the external ports:
In config/nginx/sync-endpoint-https.conf I changed the listen ports to the ports I needed. For the unsecured port I added the port to the secure link for redirecting (i.e. https://$host:{port number}$request_uri;).
In the nginx section of docker-compose.yml I changed both the internal and external ports to the nonstandard port numbers. This was in addition to the changes to security.properties in the documentation. I don’t believe the note about port 8080 in the documentation is relevant since nginx is being used in reverse proxy mode to hide that port.

It was the same for me and the solution of mcrider did work