Let's stick with the forwarding middleware. What is the value rendered for <base href="@NavigationManager.BaseUri" /> that you see when browsing with https://example.com? Does it have https or http? If it is still http then the middleware isn't working properly for some reason.
Did you try adding some form of logging? Adding Console.WriteLine in SecurityService and AccountController would show what code is executed.
In any case here is my test application running on our Ubuntu server: https://next.radzen.com
You can login with test@example.com / Te$tpa$$1
Here is the source.EmptyApp.zip (254.7 KB)
Is your certificate self-signed? This won't work for sure and you would have to disable certificate validation.