Apache 2.x : Terminate SSL Session from own module ?
i try to terminate a session in my own module by setting the creation
time and flushing the cache, unfortunately by the next request from the
same client i get the same session again. (actually it seems to take it
from the cache (ignoring the openssl sessioncache attributes).
is there any way i can force mod_ssl to explicitly invalidate a session
so it will get deleted from the cache aswell ?
the code is use is basically:
r->connection->keepalive = -1;
ssl_sess = SSL_get_session(ssl);
ssl_ctx = SSL_get_SSL_CTX(ssl);
ssl_sess->not_resumable = 1;
anyone has a hint for me what i am doing wrong or what i additionally
need to do to get rid of the session ?
Apache Interface to OpenSSL (mod_ssl) [url]www.modssl.org[/url]
User Support Mailing List [email]email@example.com[/email]
Automated List Manager [email]firstname.lastname@example.org[/email]