[PATCH 0 of 1] allow to use engine keyform for server private key

Maxim Dounin mdounin at mdounin.ru
Fri Jul 4 12:31:52 UTC 2014


Hello!

On Fri, Jul 04, 2014 at 12:18:03PM +0000, Пичулин Дмитрий Николаевич wrote:

> We looked at STORE_METHOD but didn't find any good examples.
> We looked at "format=%s engine=% key=%" at single ssl_certificate_key directive but found this way more complex.
> 
> Currently, we want to add 2 directives to ngx_http_ssl_module (as seen in openssl apps args):
> ssl_certificate_keyform type;
> ssl_certificate_engine device;
> 
> "Type" can be PEM or ENGINE with default PEM. "Device" defines ssl engine when "type" is ENGINE in a current http, server context.
> 
> Will this be enough?

Doesn't looks like a good solution for me.

BTW, posting in text/plain, with appropriate quoting and with 
In-Reply-To is a plus.  Thank you.

-- 
Maxim Dounin
http://nginx.org/



More information about the nginx-devel mailing list