Index: modules/proxy/ajp_header.c
===================================================================
--- modules/proxy/ajp_header.c	(Revision 306903)
+++ modules/proxy/ajp_header.c	(Arbeitskopie)
@@ -341,8 +341,10 @@
  *   SetEnv SSL_SESSION_ID CUSTOM_SSL_SESSION_ID
  * </Location>
  */
+    /* Also ensure that SC_A_SSL_CERT is only set if not empty */
     if ((envvar = ap_proxy_ssl_val(r->pool, r->server, r->connection, r,
-                                AJP13_SSL_CLIENT_CERT_INDICATOR))) {
+                                AJP13_SSL_CLIENT_CERT_INDICATOR))
+        && (*envvar)) {
         if (ajp_msg_append_uint8(msg, SC_A_SSL_CERT) ||
             ajp_msg_append_string(msg, envvar)) {
             ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
@@ -352,8 +354,10 @@
         }
     }
 
+    /* Also ensure that SC_A_SSL_CIPHER is only set if not empty */
     if ((envvar = ap_proxy_ssl_val(r->pool, r->server, r->connection, r,
-                                AJP13_SSL_CIPHER_INDICATOR))) {
+                                AJP13_SSL_CIPHER_INDICATOR))
+        && (*envvar)) {
         if (ajp_msg_append_uint8(msg, SC_A_SSL_CIPHER) ||
             ajp_msg_append_string(msg, envvar)) {
             ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,
@@ -363,8 +367,10 @@
         }
     }
 
+    /* Also ensure that SC_A_SSL_SESSION is only set if not empty */
     if ((envvar = ap_proxy_ssl_val(r->pool, r->server, r->connection, r,
-                                AJP13_SSL_SESSION_INDICATOR))) {
+                                AJP13_SSL_SESSION_INDICATOR))
+        && (*envvar)) {
         if (ajp_msg_append_uint8(msg, SC_A_SSL_SESSION) ||
             ajp_msg_append_string(msg, envvar)) {
             ap_log_error(APLOG_MARK, APLOG_ERR, 0, r->server,