Thank you very much—that worked for me as well.
I have changed
proxy_set_header X-Forwarded-Proto $scheme;
to
proxy_set_header X-Forwarded-Proto https;
and that did it. Also, I wanted to share with the community the nginx config from the Plesk host (which is used only to forward the hostname/subdomain to the internal/NAT ip)—maybe it’ll be of any help for someone else…
location ~ ^/(?!(.well-known)) {
proxy_pass http://<ip>:80;
proxy_set_header Host $http_host;
proxy_set_header CLIENT_IP $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}