I have IdentityServer4 running behind a load balancer that redirects https calls to http resources. This means that my IdentityServer will be running on http but will need to show https URLs in it's discovery page (.well-known/openid-configuration).

What's the most elegant way to transform http urls on this page to https?

Set the PublicOrigin option (see docs).

services.AddIdentityServer( options => 
    options.PublicOrigin = "https://foo.bar.com" 
)
    .AddSigningCredential(...)
    .AddValidationKey(...)
    .AddInMemoryIdentityResources(...)
    .AddInMemoryClients(...)
    .AddProfileService<...>();