L’errore reale sembra essere Impossibile verificare l’autenticità del token CSRF. La risposta si trovava in questa discussione: Can't Login to Discourse - CSRF Token Authenticity
Ho aggiunto quanto segue al mio file apache2.conf:
RequestHeader set X-Forwarded-Proto https
Dal log degli errori:
Started POST "/session" for {my.ip} at 2021-08-07 11:45:54 +0000
Processing by SessionController#create as */*
Parameters: {"login"=>"{me}", "password"=>"[FILTERED]", "second_factor_method"=>"1", "timezone"=>"America/Denver"}
Can't verify CSRF token authenticity.
Rendered text template (Duration: 0.0ms | Allocations: 1)
Filter chain halted as :verify_authenticity_token rendered or redirected
Completed 403 Forbidden in 13ms (Views: 1.5ms | ActiveRecord: 0.0ms | Allocations: 898)