Lighttpd installieren und Proxy Modul aktivieren:
  apt-get install lighttpd
  lighty-enable-mod proxy 
  /etc/init.d/lighttpd force-reload
   
Zertifikat erzeugen:
 mdkir /etc/lighttpd/certs
 chmod 600 /etc/lighttpd/certs
 openssl req -new -x509 -keyout server.pem -out server.pem -days 3650 -nodes
 
Inhalt der lighttpd.conf anpassen, siehe Abschnitt "SSL engine":
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
server.modules = (
        "mod_access",
        "mod_alias",
        "mod_compress",
        "mod_redirect",
#       "mod_rewrite",
)

server.document-root        = "/var/www/html"
server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
server.errorlog             = "/var/log/lighttpd/error.log"
server.pid-file             = "/var/run/lighttpd.pid"
server.username             = "www-data"
server.groupname            = "www-data"
server.port                 = 80


index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny             = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

compress.cache-dir          = "/var/cache/lighttpd/compress/"
compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )

# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"

# SSL engine
$SERVER["socket"] == ":443" {
                  ssl.engine    = "enable"
                  ssl.pemfile   = "/etc/lighttpd/certs/server.pem"
}

$HTTP["host"] == "server.domain.net" {
        proxy.server  = ( "" => ( (
                "host" => "127.0.0.1",
                "port" => 8000
        ) ) )
}
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Zum Schluss:
 /etc/init.d/lighttpd force-reload