You can change the default outgoing protocol for requests that go through the on demand router. By default, the on demand router matches the incoming protocol to the outgoing protocol.
Configure the ODR to perform SSL offload for partial HTTPS traffic, or on a per-web module basis.