There is actually a rather simple way to perform what you are asking. If you configure SSL on a proxy server (I used a RHEL 5.8 server with apache installed), you can do it with the following three lines:
RewriteCond %{SSL:SSL_CLIENT_S_DN_CN} ([0-9]+$)
RewriteRule (.*) - [E=USER:%1]
RequestHeader set xuser %{USER}e
Assuming you have configured your proxy server correctly, you can use the above three statements to send your login information to Splunk as "Xuser". At that point, it is a matter of typing in the correct AD attribute in Splunk.
After this process is complete, the certificate authentication is then done by Apache. Apache then forwards the username on to splunk. Splunk SSO references Active Directory for the user account based on the attribute you specified in Splunk.
... View more