Hi all,

nevermind, i m using ssl_scache_remove() now, to invalidate the session,
thats working perfectly.

mod_ssl stores a copy of the session in the cache, so any changes to the
session object are lost when it gets retrieved from the cache again. i
also noticed the openssl cacheoperation callback functions dont seem to
work. (openssl 0.97)

serge
__________________________________________________ ____________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org