I've tested this patch on Mac OSX 10.6.8, Fedora Core 16, and Redhat Linux 5.4
It handles, httpPort not being set so only https starts up
it adds 3 options to the startup
It checks for the 6 -Djavax.net.ssl properties for setting up key and trust stores
I also added PasswordUtil to allow the passwords to be obfuscated (a security requirement for some systems is no passwords in clear text ... I know obfuscation is like closing your front door and hoping know one uses the peep hole).
I've confirmed function as best I can with and without http turned on and with and without clientAuth. It appears to be working correctly.