We're running a CA Access Gateway (SPS) and when user tries to access a
resource in HTTPS, then once logged in, the target becomes HTTP
(without ssl) and the request fails.

We've tried the solution from this community in vain :

  Target URL Change
  https://community.broadcom.com/communities/community-home/digestviewer/viewthread?MID=820489

and we've tried to follow instruction from these KD in vain too :

  Access Gateway returns redirect to HTTP: rather than HTTPS:
  https://ca-broadcom.wolkenservicedesk.com/external/article?articleId=110262

  When using an SSL offloader, the TARGET parameter when redirected to
  the login.fcc page is changed to specify a http: rather than https:
  protocol even though the original request was made over https:
  https://ca-broadcom.wolkenservicedesk.com/external/article?articleId=51429

How can we solve this ?

From the CA Access Gateway (SPS) httpd.conf, we see that the SPS
doesn't listen on port 80, but on 10000 :

httpd.conf :

  Listen 10000
  ServerName myserver.mydomain.com:10000
  LoadModule headers_module modules/mod_headers.so
  <IfModule headers_module>
  Header edit Location "(^http://)" "https://"

  CA Access Gateway (SPS) 12.8SP0 on RedHat 6;
  Policy Server 12.8P0 on RedHat 6;

Make the HTTPSPorts ACO parameter to include the ports defined in the
httpd.conf Listen parameter to solve this issue.

The HTTPSPorts should have value with 10000 at least.