git.feebdaed.xyz Git - 0xmirror/nginx.git/commit

]> git.feebdaed.xyz Git - 0xmirror/nginx.git/commit

projects / 0xmirror / nginx.git / commit

author	Aleksei Bavshin <a.bavshin@nginx.com>
	Tue, 17 Dec 2024 01:56:45 +0000 (17:56 -0800)
committer	Aleksei Bavshin <a.bavshin@f5.com>
	Mon, 26 May 2025 13:56:18 +0000 (06:56 -0700)
commit	0fdbfc1ff45adb8e98e71004e5d147987e7d8974
tree	5785c5fc00cfb5e4fce1e04c8f92a685c2925648	tree \| snapshot
parent	6a134dfd4888fc3850d22294687cfb3940994c69	commit \| diff

SSL: support loading keys via OSSL_STORE.

A new "store:..." prefix for the "ssl_certificate_key" directive allows
loading keys via the OSSL_STORE API.

The change is required to support hardware backed keys in OpenSSL 3.x using
the new "provider(7ossl)" modules, such as "pkcs11-provider". While the
engine API is present in 3.x, some operating systems (notably, RHEL10)
have already disabled it in their builds of OpenSSL.

Related: https://trac.nginx.org/nginx/ticket/2449

src/event/ngx_event_openssl_cache.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom