I've some poking around and I'm not seeing anything relevant so I'm wondering if anyone has found a feasible method of pointing nginx at a remote keystore for fetching certificates on startup/reload? Conceptually this is for PCI compliance and keeps the certificates from ever being anywhere except encyrpted on the wire or in memory.