Maybe some additional information will help. 8443 is definitely defined in the docker-compose file - I haven't changed any of the settings in the docker-compose file that dotCMS supplies.
What we noticed:
Running on my local machine:
1 - (successful authentication) logging in through the /dotAdmin page, there is a successful authentication response. We receive a 200 and the response contains user context information, i.e. admin: true, backendUser:true, etc.
2 - JSESSIONID cookie is NOT in the response header of the call to /authentication but...
3 - the JSESSIONID cookie is subsequently sent in the request header to /menu, which returns a 200, thus displaying the admin screen + options
When firing up the containers on EC2:
1 - (same successful authentication as above)
2 - JSESSIONID cookie is IN the response header of the call to /authentication but...
3 - the JSESSIONID cookie is NOT sent in the request header to /menu, which returns a 403, and the admin screen + options is not shown
==========
Summary: EC2 instance of dotCMS is not sending JSESSIONID cookie with any calls after successful /authentication. When manually adding the JSESSIONID to cookie header, those calls are successful.
We tested it successfully with curl, adding the JSESSIONID cookie to the request headers (--header).
I guess the question is what might cause the JSESSIONID to not be sent from /dotAdmin to /menu?