You didn't show your Apache proxy definition. I'm assuming that it's mod_jk and not mod_proxy.
I haven't worked with mod_jk in a while, but I have doubts about having it do ssl to Tomcat. Unless you're very paranoid, usually the SSL is from cloud to Apache, but the Apache-to-Tomcat link is not SSL, For one thing the coyote protocol isn't widely documented, and for another, if someone already owns your LAN (or worse, your local loop), then you have bigger problems.
If you could show us the snippets of your Apache proxy definition and the server.xml Connector element from Tomcat, that would help us a lot.
When it comes to destroying a civilization, gas chambers cannot hold a candle to echo chambers.