@treysmithdev  Thanks for the reply as per for instructions, i have already tried & checked opening NLU in windows machine through browser, its opening perfectly with not accepting the certificate.

My main question is that "Which certificates should i give to both machines to communicate:

1. SSL - Certificate (issued by Domain Service Provider)

or

2. QS & QIB - Both are installed on same machine (Machine Certificate generated through QMC) &

if i use the machine certificates  then which should be used, "client.pfx"  or "server.pfx" or "root.cer" ... ... ?

Certificates-folder is mapped in the yml-file 

SSL Certificate is applied successfully & it working fine as per your shared snapshots.

Now in next step, i am getting the error as per screenshot, support is needed to resolve this issue.

Below message request is coming upon setting-up NLU-Configuration on NLU-Machine 

Below are the log for the above activity:

}
2019-10-21 23:42:44.4833|INFO|Configuration|CreateAgent|Creating new agent for Qlik Insight Bot nlu
2019-10-21 23:42:44.4963|INFO|Configuration|SendRequest|Sending request with following parameter
2019-10-21 23:42:44.5073|INFO|Configuration|SendRequest|Method: Post
2019-10-21 23:42:45.4988|ERROR|Configuration|SendRequest|Error while sending request with following parameter
2019-10-21 23:42:45.5128|ERROR|Configuration|SendRequest|The remote server returned an error: (401) Unauthorized.
2019-10-21 23:42:45.5238|ERROR|Configuration|SendRequest|{
"status": "error",
"message": "NLU configuration failed."
}
2019-10-21 23:42:45.5358|ERROR|Configuration|CreateAgent|Error while creating agent
2019-10-21 23:42:45.5358|ERROR|Configuration|CreateAgent|{
"status": "error",
"message": "NLU configuration failed."
}
2019-10-21 23:42:45.5598|ERROR|Component Configuration|ConfigureNLU|{
"status": "error",
"message": "NLU configuration failed."
}

Hi Friends

I ned a help, i have a valid certificate (CA) on PFX format, this certificate is wildcard *.mydomain.com and is usted on each site QlikSense, NLP and NLU, on NLU i splited on pem files (CRT and Key) with the following commands 

openssl pkcs12 -in Cert.pfx -nocerts -out NluEnc.key
openssl rsa -in NluEnc.key -out nlu_key.pem
openssl pkcs12 -in Cert.pfx -clcerts -nokeys -out nlu_crt.pem

Then i stored the certificates on home/nlu/Certificates  the path configured on docker-compose.yml is the default 

environment:
POSTGRES_HOST: nlu_db
isHttps: "True"
CertificatePath: "/nlu/Certificates/"

When i tested the NLU URL opens well but without certificate

Install your certificate in Linux / NLU Machine by using following commands:

$ /usr/local/share/ca-certificate

$ sudo apt-get install ca-certificates -y

$ sudo dpkg-reconfigure ca-certificates

$ sudo update-ca-certificates

If the error still exists then install it manually from the list of certificates.

Restart your instance after the above configurations & run your containers after checking the status of Docker.

Cheers.

Hi mranarshad81 

Thanks for the answer, i tried to install the certificates following the steps, but not worked, also i researched and found the same commands but with a different path $ /usr/share/ca-certificate/extra  i stored on this folder and execute the commands, the terminal console show me the following message

2 added, 0 removed; done.
Processing triggers for ca-certificates (20180409) ...
Updating certificates in /etc/ssl/certs...
2 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.

I restarted the NLU server and then laucnh the NLU sudo docker-compose up but noy works, the problem is the same

Hi

I forget say that the certificates was generated by GoDaddy and for the procedure made on $ /usr/share/ca-certificate/extra folder, i converted the PEM file to CRT file

What are your volume settings in your docker-compose.yml file?