Welcome! Log In Create A New Profile

Re: [PATCH 0 of 1] allow to use engine keyform for server private key

Forum List Message List New Topic Print View

Piotr Sikora

March 25, 2014 02:26PM

Hello,

> While this functionality looks interesting, the patch certainly
> needs more work before it will be possible to commit it. In
> particular, the patch will break compilation with mail module, not
> even talking about style issues.
>
> I also can't say I like the way how it's expected to be
> configured. There should be a better way to do this, probably
> some parameter of the ssl_certificate_key directive ("format="? or
> rather "engine="?) and/or some specific path prefix to load a key
> from an engine.

On top of what Maxim already wrote, I'd like to see the counterpart
for the ssl_certificate directive.

Also, I prefer the "engine=" parameter.

Best regards,
Piotr Sikora

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Reply Quote

RSS

Subject	Author	Views	Posted
[PATCH 0 of 1] allow to use engine keyform for server private key	Tatiana Kondakova	794	March 25, 2014 08:42AM
[PATCH 1 of 1] add keyform option to SSL config to support loading private key from engine without exporting it to file	Tatiana Kondakova	323	March 25, 2014 08:42AM
Re: [PATCH 0 of 1] allow to use engine keyform for server private key	Maxim Dounin	317	March 25, 2014 01:12PM
Re: [PATCH 0 of 1] allow to use engine keyform for server private key	Piotr Sikora	258	March 25, 2014 02:26PM
Re: [PATCH 0 of 1] allow to use engine keyform for server private key	Maxim Dounin	286	March 25, 2014 02:44PM
Re: [PATCH 0 of 1] allow to use engine keyform for server private key	Piotr Sikora	368	March 25, 2014 04:12PM