Dear all!
I have the same setup as described above: Nginx enforcing ssl as reverse proxy before http apache. Changing getBaseUrl to allow protocol-relative links per default as described here, fixed all problems.
It seems, that you came to the conclusion that this is the better default anyways? Why is it not set on OJS 3.1?
Best,
Patrik Keller