I've been running into issues lately where users are reporting going to a URL on HTTPS and being redirected back to HTTP. I know it's due to the location response header using HTTP. I'm using mod_headers to modify the requests on the HTTPS virtual host, but I'm trying to figure out why the location header is being returned that way and why it seems it's now being noticed. Below is the current configuration. I'd like to figure out if there's something happening on the app side that's causing this to break, but not sure how to go about doing that.

Browser <https --> Load Balancer <https --> Apache (mod_proxy) <http --> Load Balancer <http --> Tomcat