Is it possible a transparent https redirect ---> [http | https]?
Interested in the possibility of forwarding the request on port 443 (https) on mine own resources, but with minor amendments.
You can do it with a firewall. But you need a self-signed certificate, which will turn up your nose all browsers. Generate and add the root certificate is not necessary.
When you need to request on 443 port as much as possible transparently (without swearing browsers on the certificate, install the root certificate and other things requiring any manipulation of the client device) to the client to wrap him up in a captive portal. Iptables [REDIRECT | DNAT] are not suitable, if not IntranetSSL (expensive solution). Squid SSL Bump as far as I understand it, also requires the installation of the root certificate.
Asking for help from more experienced and knowledgeable members of the community.