[PATCH 0 of 1] allow to use engine keyform for server private key
Piotr Sikora
piotr at cloudflare.com
Tue Mar 25 20:11:40 UTC 2014
Hey Maxim,
> I too think it would be good, but I'm not sure it's at all
> possible. OpenSSL interface seems to allow to load public key
> from an engine, but not a certificate. I may be wrong though.
We could use engine's STORE_METHOD, as it gives us access to:
STORE_get_certificate(), STORE_get_private_key(), STORE_get_crl() and
STORE_get_arbitrary() and use the old ENGINE_load_private_key() as the
fallback in case engine doesn't provide STORE_METHOD.
Best regards,
Piotr Sikora
More information about the nginx-devel
mailing list