I would suspect that redirects are handled by the receiving web server, not by the firewall itself. While it is possible to have port 443 redirected to port 80, this will not remove the encryption and thus may cause issues once it arrives on the web server on port 80.
Is this for an Inbound tunnel (port forward)? If so, it is done by creating a policy for Service <USER DEFINED> TCP 443->80
Like I mentioned above, there is still the attempt by your browser to establish an encrypted channel.