This is the only difference between the HTTP and HTTPS vhosts I can find. The HTTP sites work nicely, but for some reason the HTTPS version gets the wrong vhost (you can see that when you override the cert error).
If you change those lines above with:
listen 443 ssl http2;
listen [::]:443 ssl http2;
and reload nginx, it might be fixed.