Securing the HTTPS private key
roger at netskrt.io
Wed Nov 14 20:17:57 UTC 2018
does NGINX support any mechanisms to securely access the private key of server certificates?
Specifically, could NGINX make a request to a key store, rather than reading from a local file?
Are there any best practices for keeping private keys secure?
I understand the basics. The key file should only be readable by root. I cannot protect the key with a pass-phrase, as NGINX needs to start and restart autonomously.
More information about the nginx