Apache, Tomcat and SSL

Its a popular thing to use Apache (or nginx,¬†etc.) as a reverse-proxy server fronting Tomcat. However, documentation on such practices tends to gloss over certain important things. Specifically: 1. Who owns the SSL cert that manages such a configuration. Apache or Tomcat? 2. Is the Apache-to-Tomcat tunnel encrypted? If so, how? I finally decided to determine by experimentation. […]