Downloaded code, made local modifications, fixed the bob-lti.
BBB uses nginx as a front-end proxy to tomcat7. Consequently, when the tomcat hosted LTI module attempt to access its own REQUEST head, it sees http://127.0.0.1:8080, the behind the proxy tomcat7 address, not the address sent to nginx. The LTI needs that to properly calculate the encrypted signature sent by the LMS. So I added the nginx $scheme (resolves to http or https) variable to the http headers sent to tomcat7. Magic happened. BBB developers may or may not incorporate it into 0.90beta Release Candidate