Hi Victor,

> You should be able to cleanly shut-down SSL on both sides, and
> resume in a new process, provided the application protocol has
> a clean session termination phase.
>
> For example, implementing an application level "STOPTLS" verb that
> the initiator may request and the responder must confirm, after which
> both sides tear down TLS. The connection stays open, and the initiator
> may follow-up with a "client HELLO" to resume SSL.

Victor, you've just described exactly what I've been trying to do. A clean shutdown on both sides, socket connection left open, then a "client HELLO" after which both sides initiate SSL again.

I just can't seem to find a method of doing it that actually works.

cheers
Andrew