The basic problem is that these old apps are very badly written, if they use absolute URLs to point to things on the same site.
The only real good way to do this, is to modify these apps and pages, to use relative links. Maybe you could do that with some automated script ?
Otherwise, you are going to be applying patches over patches over redirects over rewrites all over the place, and there will always be something not working, and it will be a maintenance nightmare.
What you have to think about it this :
- If *the browser* gets a html page containing a link that starts with "http://", then *the browser* is going to establish a HTTP (non-secure) connection with the server, and send that request through this connection.
- If *the browser* gets a html page containing a link that starts with "https://", then *the browser* is going to establish a HTTPS (secure) connection with the server, and pass that request through this connection.
There is nothing that the server can do, to magically change a HTTP to a HTTPS connection. (At best, the server could send back a "redirect" response).
So if your pages, server-side, originally contain links that start with "http://", you have to change those links, *inside of the pages*, before you send them to the browser. Otherwise there is little that you can do on the server side.
You can theoretically achieve this, on the server side, with a filter which examines all the outgoing pages and replaces the links in them before they go out to the browser, but as you can imagine this is very inefficient, and prone to errors.