[Certbot-dev] PKCS#11 Nginx serving
Jacob Hoffman-Andrews
jsha at eff.org
Wed Apr 26 11:40:56 PDT 2017
Following up from today's call, Nginx is capable of using SSL "engines",
which is how you would integrate a PKCS#11 key.
https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_certificate_key
> Specifies a |/file/| with the secret key in the PEM format for the
given virtual server.
> The value |engine|:|/name/|:|/id/| can be specified instead of
the |/file/| (1.7.9), which loads a secret key with a
specified |/id/| from the OpenSSL engine |/name/|.
Note: I still don't think Certbot should implement support for PKCS#11
at this time.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/certbot-dev/attachments/20170426/da3ae8a2/attachment.html>
More information about the Certbot-dev
mailing list