We are hosting several web sites to Redhat Linux/x86 platforms using the
apache/mod-ssl secure web server implementation. Our problem is this, we
would like to implement an explicit "logout" feature for some of our secure
virtual hosts. This feature would simply be implemented as a logout button
embedded in an HTML page that would kick-off a server-side cgi script
(written in either Perl or C). The sole function of this logout script
would be to purge all SSL session data from the server's cache. Thus, a
complete renegotiation of the SSL session would be forced, even if a client
browsed back to the site before the cache timeout period expires. Is this
possible and, if so, could you point us to the necessary documentation?
Thanks!
Shelley
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
