Hi Andy,
in the past days I've reviewed some minor issues (MDL-43482, MDL-43483) in the chatd daemon so I had the chance to get in touch with the chatd daemon code design for my first time.
I was wrong in my previous post when talking about a "bug": long story short, this requires some more changes in the code and documentation on how a SSL tunneling could be achieved in order to support HTTPS by design so it could be filed into the Moodle Tracker as "an improvement".
It is "by design" since the chatd daemon talks with the browser using a plain but simplified HTTP protocol and the only way to let it support HTTPS should be to change those hard-coded http:// plus to re-route the chatd daemon port into an SSL tunneling using the same server certificate e.g. by introducing stunnel.
Creating the tunnel depends on the infrastructure too: in your case it could be a combination of HTTPS tunneling and proxying the chatd daemon port into the standard 443 - please, note that using the chatd daemon should mean to not use the web server otherwise why not using the standard (ajax or normal) chat? - i.e. use cases about the potential feasible setups are required in order to code a valuable solution.
HTH,
Matteo