Hi Bernard,
Can you try calling 'session delete ssl [SSL::sessionid]' to remove the SSL cert from the session table? I'm thinking something like this:
HTTP::respond 302 Location $location Connection Close Cache-Control No-Cache Pragma No-Cache
session delete ssl [SSL::sessionid]
SSL::session invalidate
If that doesn't work, I think you might need to call SSL::renegotiate after SSL::session invalidate to request that the client negotiate a new SSL session.
However, doing using SSL::renegotiate will open you up to the vulnerability described in SOL10737. There is a fix in 11.0beta2 and possibly one for 10.2.x. You could open a case with F5 Support to get status on this. See this thread for details:
http://devcentral.f5.com/Community/GroupDetails/tabid/1082223/aff/5/afv/topic/aft/1178540/afc/1251057/Default.aspx
Aaron