I have an IIS 7.5 web application to which clients connect using aka two way SSL; The client certificate is provided using a smart card.
I have a need for a web application for a timeout. When the timeout occurs, I would like to destroy the SSL session (assuming that on IIS), forcing the client to re-authenticate.
How can I destroy an SSL session? (I do not mean HttpSessionState)
source
share