No support of OpenSSL 3.x Provider Support in NGINX, OpenSSL Engine API deprecated #787
hardikpatel9
started this conversation in
Ideas
Replies: 1 comment
-
|
Nginx supports providers as it normally initializes OpenSSL so you just need to specify and configure the provider in your openssl.cnf. If you use custom OPENSSL_CONF, it might need in some cases also add |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
We are currently unable to use OpenSSL 3.x providers with NGINX. Since the OpenSSL Engine API is deprecated, we require support for the newer provider interface. Specifically, we are looking for functionality similar to ssl_engine, which allows configuration to be passed via nginx.conf. However, there is currently no mechanism to pass custom provider-specific data through a directory or configuration block.
We are working on (async_mode_nginx) to support different application like qatengine which now relies engine using the Engine ctrl API as interface between engine and application for set and get params, looking for similar framework support for the provider.
What are the plans for NGINX to support the OpenSSL 3.x "provider" API as a replacement for the deprecated Engine API?
Beta Was this translation helpful? Give feedback.
All reactions