I guess you’re right about the Header, I don’t think Nginx is setting anything.
Here are the response headers for an HTTPs piwik page:
HTTP/1.1 200 OK
Date: Tue, 18 Feb 2014 08:26:09 GMT
No trace of SSL related header. What header should it be?
About the redirect, I would expect Piwik to check also the port (443) to avoid infinite loop.
Anyways, it is working on my system now:
nginx listens on port 80
it redirect all requests on port 443
nginx listens on port 443
it hosts the Piwik app
piwik is configured to use SSL
I found by chance this setting:
assume_secure_protocol = 1
Now everything works except that Nginx DOES the redirect to HTTPs instead of Piwik but it doesn’t matter to me.