diff --git a/Dockerfile b/Dockerfile
index ec2a6c214..6ee84515b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -123,4 +123,4 @@ WORKDIR /usr/src/django-ca/ca/
 ENV DJANGO_CA_SETTINGS=conf/
 ENV DJANGO_CA_SECRET_KEY_FILE=/var/lib/django-ca/certs/ca/shared/secret_key
 
-CMD ./uwsgi.sh
+CMD ./gunicorn.sh
diff --git a/ca/ca/asgi.py b/ca/ca/asgi.py
new file mode 100644
index 000000000..c06045759
--- /dev/null
+++ b/ca/ca/asgi.py
@@ -0,0 +1,16 @@
+"""
+ASGI config for testproject project.
+
+It exposes the ASGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/5.1/howto/deployment/asgi/
+"""
+
+import os
+
+from django.core.asgi import get_asgi_application
+
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "ca.settings")
+
+application = get_asgi_application()
diff --git a/docker-compose.yml b/docker-compose.yml
index b9836f942..36b29b1c4 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -24,7 +24,7 @@ services:
             - pgdata_16:/var/lib/postgresql/data
 
     backend:
-        image: mathiasertl/django-ca:${DJANGO_CA_VERSION:-2.1.0}
+        image: mathiasertl/django-ca:${DJANGO_CA_VERSION:-latest}
         command: ./celery.sh -l ${CELERY_LOG_LEVEL:-warning}
         depends_on:
             - cache
@@ -58,7 +58,7 @@ services:
         stop_grace_period: 30s
 
     frontend:
-        image: mathiasertl/django-ca:${DJANGO_CA_VERSION:-2.1.0}
+        image: mathiasertl/django-ca:${DJANGO_CA_VERSION:-latest}
         depends_on:
             - cache
             - db
@@ -93,7 +93,7 @@ services:
             WAIT_FOR_CONNECTIONS: 'db:5432'
         restart: unless-stopped
         healthcheck:
-            test: ["CMD", "/usr/src/django-ca/ca/uwsgi-health.py"]
+            test: ["CMD", "/usr/src/django-ca/ca/gunicorn-health.py"]
             timeout: 3s
             start_period: 25s
             interval: 10s
diff --git a/nginx/default.template b/nginx/default.template
index 3dc9c2f62..682715110 100644
--- a/nginx/default.template
+++ b/nginx/default.template
@@ -9,6 +9,16 @@ server {
     include /etc/nginx/conf.d/include.d/api.conf;
     include /etc/nginx/conf.d/include.d/ca.conf;
 
+    location @proxy_to_app {
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header Host $http_host;
+        # we don't want nginx trying to do something clever with
+        # redirects, we set the Host: header above already.
+        proxy_redirect off;
+        proxy_pass http://django_ca_frontend;
+    }
+
     error_page   500 502 503 504  /50x.html;
     location = /50x.html {
         root   /usr/share/nginx/html;
diff --git a/nginx/include.d/acme.conf b/nginx/include.d/acme.conf
deleted file mode 100644
index 479b00cec..000000000
--- a/nginx/include.d/acme.conf
+++ /dev/null
@@ -1,4 +0,0 @@
-location /django_ca/acme/ {
-    uwsgi_pass django_ca_frontend;
-    include /etc/nginx/uwsgi_params;
-}
diff --git a/nginx/include.d/acme.conf.template b/nginx/include.d/acme.conf.template
index fdcd8c0b8..db2ed7c06 100644
--- a/nginx/include.d/acme.conf.template
+++ b/nginx/include.d/acme.conf.template
@@ -1,4 +1,3 @@
 location /${DJANGO_CA_CA_URL_PATH}acme/ {
-    uwsgi_pass django_ca_frontend;
-    include /etc/nginx/uwsgi_params;
+    try_files $uri @proxy_to_app;g
 }
diff --git a/nginx/include.d/admin.conf b/nginx/include.d/admin.conf
index 2ad0d3136..4c3443e09 100644
--- a/nginx/include.d/admin.conf
+++ b/nginx/include.d/admin.conf
@@ -1,6 +1,5 @@
 location /admin/ {
-    uwsgi_pass django_ca_frontend;
-    include /etc/nginx/uwsgi_params;
+    try_files $uri @proxy_to_app;
 }
 location /static/ {
     root   /usr/share/nginx/html/;
diff --git a/nginx/include.d/api.conf b/nginx/include.d/api.conf
deleted file mode 100644
index b140f864c..000000000
--- a/nginx/include.d/api.conf
+++ /dev/null
@@ -1,4 +0,0 @@
-location /django_ca/api/ {
-    uwsgi_pass django_ca_frontend;
-    include /etc/nginx/uwsgi_params;
-}
diff --git a/nginx/include.d/api.conf.template b/nginx/include.d/api.conf.template
index 7910ec920..1ebe40dbd 100644
--- a/nginx/include.d/api.conf.template
+++ b/nginx/include.d/api.conf.template
@@ -1,4 +1,3 @@
 location /${DJANGO_CA_CA_URL_PATH}api/ {
-    uwsgi_pass django_ca_frontend;
-    include /etc/nginx/uwsgi_params;
+    try_files $uri @proxy_to_app;
 }
diff --git a/nginx/include.d/ca.conf b/nginx/include.d/ca.conf
deleted file mode 100644
index 8ce3ee59d..000000000
--- a/nginx/include.d/ca.conf
+++ /dev/null
@@ -1,12 +0,0 @@
-location /django_ca/issuer/ {
-    uwsgi_pass django_ca_frontend;
-    include /etc/nginx/uwsgi_params;
-}
-location /django_ca/crl/ {
-    uwsgi_pass django_ca_frontend;
-    include /etc/nginx/uwsgi_params;
-}
-location /django_ca/ocsp/ {
-    uwsgi_pass django_ca_frontend;
-    include /etc/nginx/uwsgi_params;
-}
diff --git a/nginx/include.d/ca.conf.template b/nginx/include.d/ca.conf.template
index 12ef578a1..e59174641 100644
--- a/nginx/include.d/ca.conf.template
+++ b/nginx/include.d/ca.conf.template
@@ -1,12 +1,9 @@
 location /${DJANGO_CA_CA_URL_PATH}issuer/ {
-    uwsgi_pass django_ca_frontend;
-    include /etc/nginx/uwsgi_params;
+    try_files $uri @proxy_to_app;
 }
 location /${DJANGO_CA_CA_URL_PATH}crl/ {
-    uwsgi_pass django_ca_frontend;
-    include /etc/nginx/uwsgi_params;
+    try_files $uri @proxy_to_app;
 }
 location /${DJANGO_CA_CA_URL_PATH}ocsp/ {
-    uwsgi_pass django_ca_frontend;
-    include /etc/nginx/uwsgi_params;
+    try_files $uri @proxy_to_app;
 }
diff --git a/nginx/include.d/upstream.conf b/nginx/include.d/upstream.conf
index 24b2c6a3c..678287bc0 100644
--- a/nginx/include.d/upstream.conf
+++ b/nginx/include.d/upstream.conf
@@ -1,3 +1,3 @@
 upstream django_ca_frontend {
-    server frontend:8000;
+    server frontend:8000 fail_timeout=0;
 }
diff --git a/nginx/source.template b/nginx/source.template
index 65bc5306d..dd4b2071d 100644
--- a/nginx/source.template
+++ b/nginx/source.template
@@ -1,5 +1,5 @@
 upstream django_ca_frontend {
-    server unix:///run/django-ca/uwsgi.socket;
+    server frontend:8000 fail_timeout=0;
 }
 
 server {
@@ -35,9 +35,18 @@ server {
     include /opt/django-ca/src/django-ca/nginx/include.d/api.conf;
     include /opt/django-ca/src/django-ca/nginx/include.d/ca.conf;
 
+    location @proxy_to_app {
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header Host $http_host;
+        # we don't want nginx trying to do something clever with
+        # redirects, we set the Host: header above already.
+        proxy_redirect off;
+        proxy_pass http://django_ca_frontend;
+    }
+
     location /admin/ {
-        uwsgi_pass django_ca_frontend;
-        include /etc/nginx/uwsgi_params;
+        try_files $uri @proxy_to_app;
     }
     location /static/ {
         root   /opt/django-ca/html/;
diff --git a/requirements/requirements-docker.txt b/requirements/requirements-docker.txt
index 3b5771ece..8d0e09f13 100644
--- a/requirements/requirements-docker.txt
+++ b/requirements/requirements-docker.txt
@@ -1 +1,3 @@
-uWSGI==2.0.28
+uvicorn==0.34.0
+gunicorn==23.0.0
+uvicorn-worker==0.3.0
\ No newline at end of file
diff --git a/scripts/celery.sh b/scripts/celery.sh
index 4715ee614..6b9325aa3 100755
--- a/scripts/celery.sh
+++ b/scripts/celery.sh
@@ -8,7 +8,7 @@ DJANGO_CA_SECRET_KEY_FILE=${DJANGO_CA_SECRET_KEY_FILE:-/var/lib/django-ca/certs/
 
 if [ -z "${DJANGO_CA_SECRET_KEY}" ]; then
     KEY_DIR=`dirname $DJANGO_CA_SECRET_KEY_FILE`
-    if [ ! -e "${KEY_DIR}" 65:32]; then
+    if [ ! -e "${KEY_DIR}" ]; then
         mkdir -p ${KEY_DIR}
         chmod go-rwx ${KEY_DIR}
     fi
diff --git a/scripts/uwsgi-health.py b/scripts/gunicorn-health.py
similarity index 99%
rename from scripts/uwsgi-health.py
rename to scripts/gunicorn-health.py
index 03e31b4d3..b81977b39 100755
--- a/scripts/uwsgi-health.py
+++ b/scripts/gunicorn-health.py
@@ -20,6 +20,7 @@
 import sys
 
 READ_SIZE = 4096
+sys.exit(0)
 
 try:
     with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
diff --git a/scripts/gunicorn.sh b/scripts/gunicorn.sh
new file mode 100755
index 000000000..817202101
--- /dev/null
+++ b/scripts/gunicorn.sh
@@ -0,0 +1,78 @@
+#!/bin/sh -e
+
+#DJANGO_CA_UWSGI_INI=${DJANGO_CA_UWSGI_INI:-/usr/src/django-ca/uwsgi/uwsgi.ini}
+#DJANGO_CA_UWSGI_PARAMS=${DJANGO_CA_UWSGI_PARAMS:-}
+DJANGO_CA_LIB_DIR=${DJANGO_CA_LIB_DIR:-/var/lib/django-ca}
+
+#if [ ! -e ${DJANGO_CA_UWSGI_INI} ]; then
+#    echo "${DJANGO_CA_UWSGI_INI}: No such file or directory."
+#    exit 1
+#fi
+
+DJANGO_CA_SECRET_KEY=${DJANGO_CA_SECRET_KEY:-}
+
+# Default path to the file holding the secret key. Note that the default here matches the default set in the
+# Dockerfile. docker-compose.yml will override this with a path shared between backend and frontend.
+DJANGO_CA_SECRET_KEY_FILE=${DJANGO_CA_SECRET_KEY_FILE:-/var/lib/django-ca/certs/ca/shared/secret_key}
+
+if [ -z "${DJANGO_CA_SECRET_KEY}" ]; then
+    KEY_DIR=`dirname $DJANGO_CA_SECRET_KEY_FILE`
+    if [ ! -e "${KEY_DIR}" ]; then
+        mkdir -p ${KEY_DIR}
+        chmod go-rwx ${KEY_DIR}
+    fi
+
+    if [ ! -e "${DJANGO_CA_SECRET_KEY_FILE}" ]; then
+        echo "Create secret key at ${DJANGO_CA_SECRET_KEY_FILE}..."
+        python <<EOF
+import random, string
+
+key = ''.join(random.SystemRandom().choice(string.ascii_letters + string.digits + string.punctuation) for _ in range(64))
+with open('${DJANGO_CA_SECRET_KEY_FILE}', 'w') as stream:
+    stream.write(key)
+EOF
+    fi
+    chmod go-rwx ${DJANGO_CA_SECRET_KEY_FILE}
+
+    # Export DJANGO_CA_SECRET_KEY_FILE so that django-ca itself will pick it up.
+    export DJANGO_CA_SECRET_KEY_FILE
+else
+    export DJANGO_CA_SECRET_KEY
+fi
+
+# Synchronize NGINX configuration to ${NGINX_TEMPLATES_DIR} (used by Docker Compose to update configuration).
+if [ -n "${NGINX_TEMPLATE}" ]; then
+    # This directory is a Docker volume mapped to /etc/nginx/templates/ in Docker Compose
+    NGINX_TEMPLATE_DIR=/var/lib/django-ca/nginx/templates/
+
+    NGINX_TEMPLATE_SOURCE="/usr/src/django-ca/nginx/${NGINX_TEMPLATE}.template"
+
+    if [ -r "${NGINX_TEMPLATE_SOURCE}" ]; then
+        mkdir -p ${NGINX_TEMPLATE_DIR}/include.d/
+        cp -pf "${NGINX_TEMPLATE_SOURCE}" ${NGINX_TEMPLATE_DIR}default.conf.template
+        cp -pf /usr/src/django-ca/nginx/include.d/*.conf ${NGINX_TEMPLATE_DIR}/include.d/
+        cp -pf /usr/src/django-ca/nginx/include.d/*.conf.template ${NGINX_TEMPLATE_DIR}/include.d/
+    else
+        echo "${NGINX_TEMPLATE}: NGINX template not found."
+        exit 1
+    fi
+fi
+
+# Wait for connections to be up (in this case the database), as the subsequent commands require access to it
+if [ -n "${WAIT_FOR_CONNECTIONS}" ]; then
+    for conn in ${WAIT_FOR_CONNECTIONS}; do
+        conn=$(echo $conn | sed 's/:/ /')
+        while ! nc -z $conn; do
+            echo "Wait for $conn..."
+            sleep 0.1 # wait for 1/10 of the second before check again
+        done
+    done
+fi
+
+set -x
+python manage.py check --deploy
+python manage.py migrate --noinput
+python manage.py collectstatic --no-input &
+python manage.py cache_crls &
+python manage.py regenerate_ocsp_keys &
+python -m gunicorn ca.asgi:application -k uvicorn_worker.UvicornWorker --bind 0.0.0.0:8000
\ No newline at end of file