diff -Nru jakarta-tomcat-5.5.9-src.orig/jakarta-tomcat-connectors/jk/java/org/apache/ajp/RequestHandler.java jakarta-tomcat-5.5.9-src/jakarta-tomcat-connectors/jk/java/org/apache/ajp/RequestHandler.java
--- jakarta-tomcat-5.5.9-src.orig/jakarta-tomcat-connectors/jk/java/org/apache/ajp/RequestHandler.java	2005-03-26 20:24:11.000000000 +0100
+++ jakarta-tomcat-5.5.9-src/jakarta-tomcat-connectors/jk/java/org/apache/ajp/RequestHandler.java	2005-10-07 15:59:42.000000000 +0200
@@ -350,33 +350,35 @@
                 break;
 		
 	    case SC_A_SSL_CERT     :
-		isSSL = true;
-                // Transform the string into certificate.
-                String certString = msg.getString();
-                byte[] certData = certString.getBytes();
-                ByteArrayInputStream bais = new ByteArrayInputStream(certData);
+		if (isSSL) {
+                    // Transform the string into certificate.
+                    String certString = msg.getString();
+                    byte[] certData = certString.getBytes();
+                    ByteArrayInputStream bais = new ByteArrayInputStream(certData);
+
+                    // Fill the first element.
+                    X509Certificate jsseCerts[] = null;
+                    try {
+                        CertificateFactory cf =
+                            CertificateFactory.getInstance("X.509");
+                        X509Certificate cert = (X509Certificate)
+                            cf.generateCertificate(bais);
+                        jsseCerts =  new X509Certificate[1];
+                        jsseCerts[0] = cert;
+                    } catch(java.security.cert.CertificateException e) {
+                        log("Certificate convertion failed" + e );
+                    }
  
-                // Fill the first element.
-                X509Certificate jsseCerts[] = null;
-                try {
-                    CertificateFactory cf =
-                        CertificateFactory.getInstance("X.509");
-                    X509Certificate cert = (X509Certificate)
-                        cf.generateCertificate(bais);
-                    jsseCerts =  new X509Certificate[1];
-                    jsseCerts[0] = cert;
-                } catch(java.security.cert.CertificateException e) {
-                    log("Certificate convertion failed" + e );
+                    req.setAttribute("javax.servlet.request.X509Certificate",
+                                     jsseCerts);
                 }
- 
-                req.setAttribute("javax.servlet.request.X509Certificate",
-                                 jsseCerts);
                 break;
 		
 	    case SC_A_SSL_CIPHER   :
-		isSSL = true;
-		req.setAttribute("javax.servlet.request.cipher_suite",
-				 msg.getString());
+		if (isSSL) {
+			req.setAttribute("javax.servlet.request.cipher_suite",
+					 msg.getString());
+		}
                 break;
 		
 	    case SC_A_SECRET   :
@@ -391,9 +393,10 @@
                 break;
 		
 	    case SC_A_SSL_SESSION  :
-		isSSL = true;
-		req.setAttribute("javax.servlet.request.ssl_session",
-				  msg.getString());
+		if (isSSL) {
+			req.setAttribute("javax.servlet.request.ssl_session",
+					  msg.getString());
+		}
                 break;
 		
 	    case SC_A_REQ_ATTRIBUTE :
@@ -402,9 +405,10 @@
                 break;
 
 	    case SC_A_SSL_KEY_SIZE: // Ajp13 !
-                isSSL = true;
-		req.setAttribute("javax.servlet.request.key_size",
-				 Integer.toString(msg.getInt()));
+                if (isSSL) {
+			req.setAttribute("javax.servlet.request.key_size",
+					 Integer.toString(msg.getInt()));
+		}
 		break;
     
         case SC_A_STORED_METHOD: