Hi , I am going through the documentation of Nitro key . Basically I have 2 questions ,
1> Can we fetch/point certificates and keys from Nitrokey HSM to an nginx server ?
2>How exactly an application can fetch certificates and keys from Nitrokey HSM ?
Any documentation guide, please share.
You need to use
ssl_certificate_key engine:name:id directive:
id can be specified instead of the
file (1.7.9), which loads a secret key with a specified
id from the OpenSSL engine
You need to learn how to set up OpenSSL engine configuration for you token, quick search reveals some information from Colin Paice related to Nitrokey HSM or from @raymii (Remy van Elst)
Ok ,if I am going to use certificates authorities in that case using open SSL engine will not be an issue? Please correct me.
@raymii guide takes you through the generation of the certificate signing request for a CA using openssl engine as well: