I already unsuccessfully tried restarting and trace level increasing.
Relevant parameters are actually set in this way:
WEB DISPATCHER
ssl/server_pse = /usr/sap/WDT/W00/sec/SAPSSLS.pse
ssl/client_pse = /usr/sap/WDT/W00/sec/SAPSSLC.pse
wdisp/ssl_encrypt=1
wdisp/ssl_auth=2
wdisp/ssl_cred = /usr/sap/WDT/W00/sec/SAPSSLC.pse
icm/HTTPS/forward_ccert_as_header = true
icm/HTTPS/verify_client = 1
wdisp/add_client_protocol_header = true
wdisp/ssl_ignore_host_mismatch = 1
AS JAVA
icm/accept_forwarded_cert_via_http = false
icm/HTTPS/trust_client_with_subject = *
icm/HTTPS/trust_client_with_issuer = *
icm/server_port_0 = PROT=P4, PORT=50104
icm/server_port_1 = PROT=IIOP, PORT=50107
icm/server_port_2 = HOST=localhost, PROT=TELNET, PORT=50108
icm/server_port_3 = VCLIENT=1, PROT=HTTPS, PORT=50001
icm/server_port_4 = PROT=HTTP, TIMEOUT=60, PROCTIMEOUT=600, PORT=50100
Thanks a lot
Fabrizio