Issue #5443 - Forwarding Headers are optional

+ Simplify isSecure handling in customize.
+ Simplify handling of `Proxy-Ssl-Id` header.
+ Simplify handling of `Proxy-auth-cert` header.

Signed-off-by: Joakim Erdfelt <joakim.erdfelt@gmail.com>

jetty-server/src/main/java/org/eclipse/jetty/server/ForwardedRequestCustomizer.java

@@ -481,13 +481,12 @@ public void customize(Connector connector, HttpConfiguration config, Request req
 
         if (match)
         {
-            String proto = "http";
+            String proto;
 
             // Is secure status configured from headers?
             if (forwarded.isSecure())
             {
-                // set default to https
-                proto = config.getSecureScheme();
+                request.setSecure(true);
             }
 
             // Set Scheme from configured protocol
@@ -528,15 +527,6 @@ public void customize(Connector connector, HttpConfiguration config, Request req
                 request.setAuthority(host, port);
             }
 
-            // Set secure status
-            if (forwarded.isSecure() ||
-                proto.equalsIgnoreCase(config.getSecureScheme()) ||
-                port == getSecurePort(config))
-            {
-                request.setSecure(true);
-                request.setScheme(proto);
-            }
-
             // Set Remote Address
             if (forwarded.hasFor())
             {
@@ -801,6 +791,7 @@ public void handleCipherSuite(HttpField field)
             if (isSslIsSecure())
             {
                 _secure = true;
+                _proto = "https";
             }
         }
 
@@ -811,6 +802,7 @@ public void handleSslSessionId(HttpField field)
             if (isSslIsSecure())
             {
                 _secure = true;
+                _proto = "https";
             }
         }