Nginx and Nitrokey HSM integration

Hi , I am going through the documentation of Nitro key . Basically I have 2 questions ,
1> Can we fetch/point certificates and keys from Nitrokey HSM to an nginx server ?
2>How exactly an application can fetch certificates and keys from Nitrokey HSM ?

Any documentation guide, please share.


You need to use ssl_certificate_key engine:name:id directive:

The value engine:name:id can be specified instead of the file (1.7.9), which loads a secret key with a specified id from the OpenSSL engine name.

You need to learn how to set up OpenSSL engine configuration for you token, quick search reveals some information from Colin Paice related to Nitrokey HSM or from @raymii (Remy van Elst)

Ok ,if I am going to use certificates authorities in that case using open SSL engine will not be an issue? Please correct me.

@raymii guide takes you through the generation of the certificate signing request for a CA using openssl engine as well: