
Re: vCloud edge gateway loadbalancer for HTTPS traffic not propagating original source IP


Hi,

 

If you are still looking for an answer to this question, this might help.

 

In order for ANY Load Balancer (or reverse proxy) to add the X-Forwarded-For header to a request for the backend to read/log, the Load Balancer has to decrypt the request first. That's because the headers are part of the encrypted request and not the transport layer. That's why your backend (nginx) will see the client IP in the X-Forwarded-For header for only HTTP and not HTTPS requests.

 

For the time being, the only way to fix this is to NOT use the Edge Gateway Load Balancer service for HTTPS requests and create your own VM that will do the Load Balancing for all incoming HTTPS connections, offload the SSL and add the X-Forwarded-For header. I suggest simply using your existing nginx to handle all your HTTPS requests. If you want failover & redundancy, then you have to create 2 or more VMs that are doing the Load Balancing for you and team them up (Google up "NIC Bonding").

 

HTH,

- A
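
The setup suggested in the reply above, sketched as an nginx configuration (an added example, not part of the original post): one nginx VM terminates TLS and sets X-Forwarded-For, and each backend accepts that header only from the load balancer's address. All addresses, hostnames and file paths are placeholders, and the backend part assumes nginx was built with ngx_http_realip_module.

```nginx
# ---- Load-balancer VM (inside the http {} context; file location is an assumption) ----
upstream app_backends {
    server 10.0.0.21:80;    # placeholder backend addresses
    server 10.0.0.22:80;
}

server {
    listen 443 ssl;
    server_name www.example.com;                      # placeholder hostname

    ssl_certificate     /etc/nginx/tls/example.crt;   # placeholder paths
    ssl_certificate_key /etc/nginx/tls/example.key;

    location / {
        # TLS ends here, so the request headers are readable and can be modified.
        proxy_pass http://app_backends;               # plain HTTP on the internal network
        proxy_set_header Host              $host;
        # Overwrite instead of appending ($proxy_add_x_forwarded_for would keep
        # whatever X-Forwarded-For value the client sent, which the client controls).
        proxy_set_header X-Forwarded-For   $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

# ---- Each backend VM (inside the http {} context) ----
log_format with_client '$remote_addr via $realip_remote_addr '
                       '"$request" $status';

server {
    listen 80;

    # Trust X-Forwarded-For only when the connection comes from the load balancer.
    # Requests from any other source keep their TCP peer address as $remote_addr.
    set_real_ip_from 10.0.0.10;                       # placeholder: LB VM internal address
    real_ip_header   X-Forwarded-For;

    access_log /var/log/nginx/access.log with_client;

    location / {
        root /usr/share/nginx/html;                   # placeholder content root
    }
}
```

With this in place the backend access log shows the original client address in `$remote_addr` and the load balancer's address in `$realip_remote_addr`; a backend that remains reachable without passing through the load balancer should also be firewalled so that only the load balancer can connect to it.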

