Forwarding SSL environment when using http/https proxy:
The variables supported by the servlet interface are the following:
To get the client certificate or any SSL information from the broswer you have to use mod_header to add the SSL information to header. To do that add in httpd.conf of Apache httpd the following:
RequestHeader set SSL_CLIENT_CERT "%s" RequestHeader set SSL_CIPHER "%s" RequestHeader set SSL_SESSION_ID "%s" RequestHeader set SSL_CIPHER_USEKEYSIZE "%s"
Then you need a valve in Tomcat to extract the information from the request Headers.
See http://anonsvn.jboss.org/repos/jbossweb/sandbox/valves/. (the original code).
The valve has been integrated in Tomcat and in JBossWeb (since 2007).
Once you have build the valves.jar copy it in server/lib/ and edit server.xml to add:
in the <Engine/> part of the file.