After installing Cockpit from packet manager (on Debian in this case) and trying to reverse-proxy it's default local port, as usual, you will notice that you can't log in.

Create a file /etc/cockpit/cockpit.conf

[WebService]
AllowUnencrypted = true
Origins = https://[DESTINATION HOST]
ProtocolHeader = X-Forwarded-Proto

Reload cockpit

systemctl restart cockpit.socket