Interesting. You mean Chrome wouldn't do this if there was no ssl on the whole subdomain? Might be worth trying.
Redirecting isn't really a great option because the wrapper app is usually saved
as a shortcut to the tablet homescreens to run in full screen mode... saving the redirected url would break more frequently. Also the wrapper iframe polls lots of known local addresses and sees which one loads.
A quick skim of what I think is the relevant file[1] in the chrome source suggests that would work. So worth a shot. If you can deploy enterprise chrome settings to the tablets that's also apparently an option.
Here's what I'm assuming is the relevant bugtracker entry for the implementation [2].
Redirecting isn't really a great option because the wrapper app is usually saved as a shortcut to the tablet homescreens to run in full screen mode... saving the redirected url would break more frequently. Also the wrapper iframe polls lots of known local addresses and sees which one loads.