Deploying Django Channels with Daphne + NGINX using SSL

I had a working configuration of nginx proxying to an upstream daphne server for django channels. However, when I moved my site to ssl, I started running into issues 403 errors with the websocket requests. This is from my error log:

None - - [24/Apr/2017:02:43:36] "WSCONNECTING /pulse_events" - -None - - [24/Apr/2017:02:43:36] "WSREJECT /pulse_events" - -2017/04/24 02:43:37 [info] 465#465: *10 client 69.203.115.135 closed keepalive connection

And from the access log:

- - [24/Apr/2017:02:48:54 +0000] "GET /pulse_events HTTP/1.1" 403 5 "-""-"- - [24/Apr/2017:02:49:03 +0000] "GET /pulse_state/ HTTP/2.0" 200 1376 "-""Pulse/1 CFNetwork/811.4.18 Darwin/16.1.0"

My nginx config is as follows:

upstream pulse_web_server {    server unix:/home/pulseweb/run/gunicorn.sock fail_timeout=0;}upstream pulse_web_sockets {   server unix:/home/pulseweb/run/daphne.sock;}map $http_upgrade $connection_upgrade {     default upgrade;'' close;}server {    listen 80;    server_name backend.com;    return 301 https://$host$request_uri;}server {    listen         443 http2 ssl;    server_name    backend.com;    root /var/www/vhosts/backend.com;  location ~ /.well-known {       allow all;  }  include snippets/ssl-params.conf;  ssl_certificate /etc/letsencrypt/live/backend.com/fullchain.pem;  ssl_certificate_key /etc/letsencrypt/live/backend.com/privkey.pem;    client_max_body_size 4G;    access_log  /var/log/nginx/pulse-access.log;    error_log   /var/log/nginx/pulse-error.log info;    location /static/ {        alias /var/www/vhosts/backend.com/static/;    }    location /pulse_events {    proxy_pass http://pulse_web_sockets;        proxy_http_version 1.1;        proxy_set_header Upgrade $http_upgrade;        proxy_set_header Connection "upgrade";    }    location / {      proxy_redirect off;      proxy_set_header X-Real-IP $remote_addr;      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;      proxy_set_header X-Forwarded-Proto $scheme;      proxy_set_header Host $http_host;      proxy_set_header X-NginX-Proxy true;      proxy_set_header Connection "";      proxy_http_version 1.1;      server_tokens off;      proxy_buffering on;      if (!-f $request_filename) {          proxy_pass http://pulse_web_server;          break;      }  }}

This is my requirements.txt:

asgi-redis==0.14.0asgiref==0.14.0asyncio==3.4.3autobahn==0.16.0channels==0.17.2daphne==0.14.3Django==1.10django-extensions==1.7.2django-webpack-loader==0.3.3djangorestframework==3.4.4msgpack-python==0.4.8python-dateutil==2.5.3redis==2.10.5requests==2.11.0six==1.10.0Twisted==16.2.0txaio==2.5.1zope.interface==4.2.0

Any insight would be greatly appreciated.