Forwarding SSL environment when using http/https proxy:


The variables supported by the servlet interface are the following:













To get the client certificate or any SSL information from the broswer you have to use mod_header to add the SSL information to header. To do that add in httpd.conf of Apache httpd the following:


RequestHeader set SSL_CLIENT_CERT "%s"
RequestHeader set SSL_CIPHER "%s"
RequestHeader set SSL_SESSION_ID "%s"
RequestHeader set SSL_CIPHER_USEKEYSIZE "%s"


Then you need a valve in Tomcat to extract the information from the request Headers.

See (the original code).

The valve has been integrated in Tomcat and in JBossWeb (since 2007).


Once you have build the valves.jar copy it in server/lib/ and edit server.xml to add:


<Valve className="SSLValve"/>

in the <Engine/> part of the file.