update for https traffic and setup

DEPLOYMENT.md

@@ -42,11 +42,18 @@ docker-compose logs -f
 
 ### 3. Server Configuration
 
+⚠️ **IMPORTANT**: If you get `net::ERR_SSL_PROTOCOL_ERROR`, see `HTTPS_SETUP.md` for detailed SSL configuration.
+
+#### SSL Architecture
+```
+Internet (HTTPS) → Reverse Proxy (SSL Termination) → Containers (HTTP)
+```
+
 #### Option A: Single Domain Setup
 If serving everything from one domain (e.g., `https://yourapp.com`):
 
-1. Set up reverse proxy (nginx/traefik) to route:
-   - `/` → Frontend container (port 3000)
+1. Set up reverse proxy (nginx/traefik) with SSL termination to route:
+   - `/` → Frontend container (port 3000) 
    - `/api/*` → Backend container (port 5000)
 
 2. Update your `.env`:
@@ -58,17 +65,21 @@ If serving everything from one domain (e.g., `https://yourapp.com`):
 If using subdomains (e.g., `api.yourapp.com`):
 
 1. Set up DNS for subdomains
-2. Update your `.env`:
+2. Configure SSL for both domains
+3. Update your `.env`:
    ```
    REACT_APP_API_URL=https://api.yourapp.com
    ```
 
 ### 4. SSL/HTTPS Setup
 
-For production, ensure HTTPS is configured:
-- Use Let's Encrypt with certbot
-- Configure your reverse proxy for SSL termination
-- Update `REACT_APP_API_URL` to use `https://`
+**Critical**: SSL termination must happen at the reverse proxy level, NOT at individual containers.
+
+- **Containers**: Serve HTTP internally (port 5000 for backend, port 80 for frontend)
+- **Reverse Proxy**: Handles HTTPS externally, forwards HTTP to containers
+- **Frontend Config**: Points to external HTTPS URL (`https://your-domain.com/api`)
+
+For detailed SSL setup instructions, see `HTTPS_SETUP.md`.
 
 ## Container Port Mapping