If it is only http://url.com/ you would want a redirectRegex middleware before the redirectScheme on a router on the http entryPoint.
If you are redirecting everything to https anyway then a route using the https entryPoint and redirectRegex should be sufficient.
The route handling /subpath/ would need to remain at a higher priority then the redirectRegex or you would keep matching the same redirect rule when the client gets redirected.
First if you are redirecting everything on your web entry point to https may I suggest EntryPoint Redirection and entrypoint TLS (Traefik v2.2). It saves a catchall rule or a rule and middleware per service. I find it a lot cleaner to work with.
I would go about it like:
# This would _only_ match http://app.url.com
traefik.http.routers.app-websecure-redir.rule: Host(`app.url.com`) && Path(`/`)
traefik.http.routers.app-websecure-redir.tls: true
traefik.http.routers.app-websecure-redir.middlewares: app-websecure-redir
traefik.http.middlewares.app-websecure-redir.redirectregex.regex: ".*"
traefik.http.middlewares.app-websecure-redir.redirectregex.replacement: https://app.url.com/subpath/
...
# Your router is here
traefik.http.routers.app-websecure.rule: Host(`app.url.com`) && PathPrefix(`/subpath/`)
...
...
I hope this helps, if there is anything more complex like redirecting anything that does NOT have /subpath/ or requires passing the original path to subpath then the redirectregex can be updated.
As I got to the end of this I thought if your app returns the correct path on the request you could just do an addPrefix.
# This would _only_ match http://app.url.com/
traefik.http.routers.app-websecure-redir.rule: Host(`app.url.com`) && Path(`/`)
traefik.http.routers.app-websecure-redir.tls: true
traefik.http.routers.app-websecure-redir.middlewares: app-websecure-addsub
traefik.http.middlewares.app-websecure-addsub.addPrefix.prefix: /subpath
...
# Your router is here
traefik.http.routers.app-websecure.rule: Host(`app.url.com`) && PathPrefix(`/subpath/`)
...
...