This is weird: I read a lot of tutorials on how to install SSL, but it's still not working.
I followed these steps:

    sudo apt-get update
    sudo apt-get install software-properties-common
    sudo add-apt-repository ppa:certbot/certbot
    sudo apt-get update
    sudo apt-get install python-certbot-nginx
    sudo certbot --nginx -d mydomain.com

And this is my nginx/sites-available/mydomain.com file:

    upstream nodejsapp {
        server localhost:3000;
    }

    server {
        listen 443;
        server_name mydomain.com;
        ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
        include /etc/letsencrypt/options-ssl-nginx.conf;
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
        root /home/ubuntu/mydomain.com;

        location / {
            try_files $uri @nodejsapp;
        }

        location @nodejsapp {
            proxy_pass http://nodejsapp;
            proxy_http_version 1.1;
            #proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forward-Proto http;
            #proxy_set_header X-Nginx-Proxy true;
            proxy_redirect off;
        }

        if ($request_method !~ ^(GET|HEAD|POST)$ ) {
            return 404;
        }
    }

    server {
        if ($host = mydomain.com) {
            return 301 https://$host$request_uri;
        } # managed by Certbot

        listen 80 default;
        server_name mydomain.com;
        return 404; # managed by Certbot
    }

Everything works fine when I'm using the EC2 direct URL with port :3000, but SSL is just not working. Any ideas or help on how to debug it?
No error.logs in nginx, no errors in letsencrypt.log, I don't know how to find the issue here :(
Edit1: forgot to mention - everything works properly via HTTP.
Edit2: My nginx.conf

    user www-data;
    worker_processes auto;
    pid /run/nginx.pid;
    include /etc/nginx/modules-enabled/*.conf;

    events {
        worker_connections 768;
        # multi_accept on;
    }

    http {
        # Basic Settings
        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        # server_tokens off;
        # server_names_hash_bucket_size 64;
        # server_name_in_redirect off;
        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        # SSL Settings
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
        ssl_prefer_server_ciphers on;

        ##
        # Logging Settings
        ##
        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        # Gzip Settings
        gzip on;

        # Virtual Host Configs
        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
    }

Edit3: added options-ssl-nginx.conf

    # This file contains important security parameters. If you modify this file
    # manually, Certbot will be unable to automatically provide future security
    # updates. Instead, Certbot will print and log an error message with a path to
    # the up-to-date file that you will need to refer to when manually updating
    # this file.
    ssl_session_cache shared:le_nginx_SSL:1m;
    ssl_session_timeout 1440m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers "ES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS.....";
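
A static check for one thing worth ruling out when HTTPS fails with nothing in the logs: in nginx a `listen` directive only terminates TLS when it carries the `ssl` parameter (or the block uses the older `ssl on;` form). This is an added example, not part of the original post; `SAMPLE_CONF` is a constructed, trimmed copy of the posted server blocks, and the function names are hypothetical.

```python
import re

# Constructed sample: a trimmed copy of the server blocks posted above.
SAMPLE_CONF = """
upstream nodejsapp { server localhost:3000; }
server {
    listen 443;
    server_name mydomain.com;
    ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
    location / { try_files $uri @nodejsapp; }
    if ($request_method !~ ^(GET|HEAD|POST)$ ) { return 404; }
}
server {
    listen 80 default;
    server_name mydomain.com;
    return 404;
}
"""

def server_blocks(conf):
    """Yield the body of every `server { ... }` block, found by brace matching."""
    text = re.sub(r"#[^\n]*", "", conf)  # drop comments (assumes no '#' in values)
    for m in re.finditer(r"(?<![\w-])server\s*\{", text):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        yield text[m.end():i - 1]

def listens_without_ssl(conf):
    """Return listen directives of certificate-bearing blocks that lack `ssl`."""
    findings = []
    for body in server_blocks(conf):
        # Remove nested blocks (location, if) so only server-level directives remain.
        while re.search(r"\{[^{}]*\}", body):
            body = re.sub(r"[^;{}]*\{[^{}]*\}", "", body)
        directives = [d.split() for d in body.split(";") if d.strip()]
        has_cert = any(d[0] == "ssl_certificate" for d in directives)
        legacy_ssl_on = ["ssl", "on"] in directives  # older `ssl on;` form
        for d in directives:
            if d[0] == "listen" and has_cert and not legacy_ssl_on and "ssl" not in d[1:]:
                findings.append(" ".join(d))
    return findings

if __name__ == "__main__":
    for hit in listens_without_ssl(SAMPLE_CONF):
        print(f"'{hit};' sits next to ssl_certificate but has no 'ssl' parameter")
```

Point it at the concatenated output of `nginx -T` to cover every included file at once.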