The variables supported by the servlet interface are the following:

To get the client certificate or any SSL information from the browser you have to use mod_header to add the SSL information to header. To do that add in httpd.conf of Apache httpd the following:

RequestHeader set SSL_CLIENT_CERT "%s"
RequestHeader set SSL_CIPHER "%s"
RequestHeader set SSL_SESSION_ID "%s"
RequestHeader set SSL_CIPHER_USEKEYSIZE "%s"

Then you need a valve in Tomcat to extract the information from the request Headers. See the original code. The valve has been integrated in Tomcat and in JBossWeb (since 2007).

Once you have build the valves.jar copy it in server/lib/ and edit server.xml to add <Valve className="SSLValve"/> in the <Engine/> part of the file.