Hello!
On Sun, Jul 26, 2015 at 12:20:25AM +0800, Anthony Alba wrote:
> Hi developers,
>
> I am using nginx with an OpenSSL engine (Safenet Luna) which is a
> wrapper over PKCS#11.
>
> The handles return by ENGINE_load_private_key cannot be used in child
> processes, aka, workers due to PKCS#11, thus causing SSL connection
> errors.
>
> The private key seems to be loaded in ngx_ssl_certificate(); is there
> a way to tell nginx to call this function per child process?
That's not something nginx is expected to do. It's the engine
responsibility to properly handle fork() calls. This was alrady
discussed in this list at least twice.
--
Maxim Dounin
http://nginx.org/
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel