diff -Nur mod_auth_tkt-2.1.0.old/src/mod_auth_tkt.c mod_auth_tkt-2.1.0/src/mod_auth_tkt.c
--- mod_auth_tkt-2.1.0.old/src/mod_auth_tkt.c	2009-07-10 03:46:51.000000000 -0400
+++ mod_auth_tkt-2.1.0/src/mod_auth_tkt.c	2016-06-13 04:57:55.934000000 -0400
@@ -1188,6 +1188,7 @@
   char *back_arg_name = conf->back_arg_name;
   char *url, *cookie, *back;
   const char *hostinfo = 0;
+  char *xproto = 0 ;
   int port;
 
   /* Get the scheme we use (http or https) */
@@ -1206,6 +1207,10 @@
   /* Use X-Forward-Host header for host:port info if available */
   /* Failing that, use Host header */
   hostinfo = apr_table_get(r->headers_in, "X-Forwarded-Host");
+  xproto = apr_table_get(r->headers_in, "X-Forwarded-Proto");
+  if ( xproto && (strncasecmp(xproto, "http", 4) == 0) ) {
+    scheme= xproto;
+  }
   if (! hostinfo) hostinfo = apr_table_get(r->headers_in, "Host");
   if (! hostinfo) {
     /* Fallback to using r->hostname and the server port. This usually