"Header set" vs. "Header always set"

NextCloud 14.0.2, Ubuntu 18.04.1, Apache 2.4.29

Interesting situation … if this line:

Header always set X-Frame-Options SAMEORIGIN

appears in my httpd.conf, I get the message:

The "X-Frame-Options" HTTP header is not set to "SAMEORIGIN"

in the Settings | Administration | Overview screen. If I inspect the headers, that header shows up twice. (And I understand that’s not a good thing, so I get why Nextcloud would complain about it - although the warning message could be more informative.)

That header directive is not in my .htaccess file (or anyplace else I can find). So two questions:

#1, where is the second instance coming from?

#2, why doesn’t “always set” just override any existing header?