Using Yubikey/PKCS11 for Upstream Client Certificates
erik
nginx-forum at forum.nginx.org
Tue Feb 4 08:00:43 UTC 2020
Hi there,
I'm building a reverse proxy that needs to use TLS client certificates for
authentication to its proxy_pass location.
The documentation at
https://docs.nginx.com/nginx/admin-guide/security-controls/securing-http-traffic-upstream/
is pretty clear in how to point Nginx to the signed certificate and private
key file, but my cert and key are in hardware (YubiKey in PIV mode).
I have pkcs11 support through OpenSC, but I'm wondering if Nginx can work
with that. Is there a way to have it use the yubikey through pkcs11?
Cheers,
Erik
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,286922,286922#msg-286922
More information about the nginx
mailing list