X-Forwarded-Proto forcing HTTPS redirect

I currently have Kong setup on my kubernetes cluster via helm with the following config:

  ssl_cert: /etc/secrets/tls/tls.crt
  ssl_cert_key: /etc/secrets/tls/tls.key
  trusted_ips: ",::/0"
  proxy_listen: " http2 proxy_protocol, ssl http2 proxy_protocol"
  real_ip_header: "proxy_protocol"

and the ingress has the following:

    konghq.com/protocols: "https"
    konghq.com/https-redirect-status-code: "308"

When hitting kong via curl with the following curl https://foo.com/bar" -H "X-Forwarded-Proto: http" -v then a 308 is returned even though the connection to kong is secure. The nature of our app that is making the request to kong requires the x-forwarded-* headers to be sent as-is which is why I trust all IP addresses. If I change the “X-Forwarded-Proto” to “https” then no redirect occurs.
Can I disable the redirect that is driven by the “X-Forwarded-Proto” header at all but still bump http traffic to https?

Discussions · Kong/kong · GitHub is probably best for unusual proxy behavior. Not sure what would cause the HTTPS redirect system to not detect the forwarded protocol correctly.