Welcome! Log In Create A New Profile

Advanced

How to connect Windows CNG with Nginx in order to protect server private keys?

Posted by Summerok 
How to connect Windows CNG with Nginx in order to protect server private keys?
January 12, 2021 04:50AM
As I read on this question [1], private keys are protected by CNG mechanisms in Windows. So using NGINX, I would like to know how to stablish the communication between NGINX and this cryptographic API in Windows since I didn't find any evidence in NGINX documentation to do so.

Thank you,


[1] - https://security.stackexchange.com/questions/231868/how-to-protect-web-server-private-keys-on-ubuntu-with-nginx-without-exposing-any
Re: How to connect Windows CNG with Nginx in order to protect server private keys?
April 22, 2021 05:17AM
Summerok Wrote:
-------------------------------------------------------
> As I read on this question [1], private keys are protected by CNG
> mechanisms in Windows. So using NGINX, I would like to know how to
> stablish the communication between NGINX and this cryptographic API in
> Windows since I didn't find any evidence in NGINX documentation to do
> so.
>
> Thank you,
>
>
> [1] -
> https://security.stackexchange.com/questions/231868/how-to-protect-web
> -server-private-keys-on-ubuntu-with-nginx-without-exposing-any


No answer yet

Hello World
https://www.softlay.com
Re: How to connect Windows CNG with Nginx in order to protect server private keys?
April 22, 2021 01:22PM
There isn't an answer other than this has not been implemented anywhere yet.

However, you can look into this sample;
https://www.codeproject.com/Articles/11578/Encryption-using-the-Win32-Crypto-API

And then incorporate this with Lua.
ea. https://luajit.org/ext_ffi.html

---
nginx for Windows http://nginx-win.ecsds.eu/
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 65
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready