Latte Xu
Reputation: 29
where is the TLS session key stored when configuring nginx ssl engine as pkcs11?
I configure ssl_engine in nginx as pkcs11. It means that nginx server used the key stored in hsm as its identity in TLS connection. However, the TLS master key (or shared key, or session key) is depend on what comes from client, cannot be generated in hsm itself. So are those key : the TLS master key (and shared key, and session key) stored in nginx memory instead of HSM? if yes, the incoming TLS traffic to nginx are not decrypted in HSM, are they?
Thank you!
Upvotes: 0
Views: 57
Answers (0)
Related Questions
- nginx the "ssl" directive is deprecated, use the "listen ... ssl"
- Cannot load key from pkcs11 engine into nginx configuration
- How to establish TLS session in python using PKCS11
- SSL and man-in-the-middle misunderstanding
- Where can I find the error logs of nginx, using FastCGI and Django?
- SSL Connection With Private Keys in HSM
- TLS Handshaking and SSL Session Reuse
- SSL port unification with nginx and SNI
- How to export master secret from browser SSL/TLS session?