代理通过 nginx 反向代理转到 http 转 https

我已经配置了 nginx，让反向代理将 80 和 443 上的请求转发到 443 上的 Apache 服务器。但是它不起作用，

我的配置是：

    server {
    
        listen 192.168.50.55:80;
        listen 192.168.50.55:443 ssl;
        server_name groupware.example.com;
        add_header Content-Security-Policy "frame-ancestors example.com cloud.example.com";
    
        ssl_certificate           /etc/letsencrypt/live/groupware.example.com/fullchain.pem;
        ssl_certificate_key       /etc/letsencrypt/live/groupware.example.com/privkey.pem;
    
        ssl_session_cache  builtin:1000  shared:SSL:10m;
        ssl_protocols  TLSv1.2;
        ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
        ssl_prefer_server_ciphers on;
        server_name_in_redirect on;
        proxy_set_header Host groupware.example.com;
    
        access_log            /var/log/nginx/groupware.log;
    
        location / {
    
          proxy_set_header        Host $host;
          proxy_set_header        X-Real-IP $remote_addr;
          proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header        X-Forwarded-Proto $scheme;
          proxy_pass          https://groupware.example.com;
          proxy_read_timeout  90;
           
        }

   location ~ .well-known {

                 root /srv/web;
        }

  }

这是 curl -I 的输出http://groupware.example.com：

HTTP/1.1 302 Found
Server: nginx/1.14.2
Date: Fri, 17 Jul 2020 13:26:30 GMT
Content-Type: text/html; charset=iso-8859-1
Location: http://groupware.example.com/something
Connection: keep-alive
Content-Security-Policy: frame-ancestors example.com cloud.example.com

编辑1

我在 Apache 虚拟主机（上游）的配置中有以下几行：

<If "%{HTTP_HOST} == 'groupware.example.com'">
    RedirectMatch ^/$ https:/groupware.example/something
</If>

为什么对 http:// 的请求不会转到代理服务器的 https:// ？