Data protection
Nginx
3min
this document provides information about configuring the {{k3}} with nginx by using {{futurex}} pkcs #11 libraries for additional questions about your {{k3}} , see the relevant user guide about nginx nginx is a web server that you can also use as a reverse proxy, load balancer, mail proxy, and http cache the software was created by igor sysoev and publicly released in 2004 nginx is free and open source software, released under the terms of the 2 clause bsd license a web server serves websites on the internet by using http protocol the primary job of all web servers is to accept requests from clients and send a response to that request (such as the components of the page that a visitor wants to see) using the {{k3}} to protect nginx private keys the nginx server can work with private keys stored on the {{k3}} , which helps to prevent disclosure of the keys and man in the middle attacks for secure communication with the https protocol, the nginx server uses the openssl library openssl does not support pkcs #11 natively to use hsms, install the openssl pkcs11 package on centos or the libenginepkcs11 openssl package on ubuntu these packages provide access to pkcs #11 modules through the engine interface you can use a pkcs #11 uri instead of a regular file name to specify a server key and use a certificate in the configuration file for the appropriate website integration overview this guide shows you how to perform the following tasks install {{futurex}} pkcs #11 configure the {{k3}} edit the {{futurex}} pkcs #11 configuration file install and configure the openssl engine configure the nginx server the following sections show you how to perform these tasks