RHEL-145852: Test pkcs11-provider workaround


    • Task
    • Resolution: Unresolved
    • rhel-10.2
    • nginx
    • rhel-stacks-web-servers
    • _WS-Refined_

      See https://issues.redhat.com/browse/RHELDOCS-21483

      nginx does not currently support PKCS#11 tokens via pkcs11-provider due to missing support for the OpenSSL OSSL_STORE API (as noted in comment 8 of the upstream nginx ticket). This limitation has not yet been fixed upstream and would require nginx changes to add OSSL_STORE usage.

      In the meantime, pkcs11-provider has implemented a documented workaround that enables use with older applications, including nginx, by embedding PKCS#11 URIs in PEM files. This workaround is described here:
      https://github.com/latchset/pkcs11-provider/blob/main/docs/provider-pkcs11.7.md#use-in-older-applications-uris-in-pem-files

      The nginx team should test whether this workaround functions correctly with nginx. If successful, existing documentation stating that nginx does not work with pkcs11-provider should be updated to instead include instructions for using this workaround.

              luhliari@redhat.com Lubos Uhliarik
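For anyone testing the workaround described above, the following added example (not part of the issue and not the pkcs11-provider project's code) builds and inspects a URI-in-PEM wrapper file so a tester can confirm the file holds only a key reference and no PIN. The PEM label, the description string and the two-field DER layout are assumptions taken from the provider's `tools/uri2pem.py`; the token and object names in any URI you pass are your own.

```python
import base64
import re

# Label and description string assumed from pkcs11-provider's tools/uri2pem.py.
PEM_LABEL = "PKCS#11 PROVIDER URI"
DESC = "PKCS#11 Provider URI v1.0"
BEGIN, END = f"-----BEGIN {PEM_LABEL}-----", f"-----END {PEM_LABEL}-----"

def _tlv(tag, body):
    """Encode one DER tag-length-value with a definite length."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + body

def _read_tlv(buf, pos, tag):
    """Decode the TLV at pos, insisting on the expected tag; return (body, next)."""
    if pos + 2 > len(buf) or buf[pos] != tag:
        raise ValueError(f"expected DER tag {tag:#04x} at offset {pos}")
    n, pos = buf[pos + 1], pos + 2
    if n & 0x80:
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    if pos + n > len(buf):
        raise ValueError("truncated DER value")
    return buf[pos:pos + n], pos + n

def uri_to_pem(uri):
    """Wrap a pkcs11: URI as SEQUENCE { VisibleString desc, UTF8String uri }."""
    if not uri.startswith("pkcs11:"):
        raise ValueError("not a PKCS#11 URI")
    der = _tlv(0x30, _tlv(0x1A, DESC.encode("ascii")) + _tlv(0x0C, uri.encode()))
    b64 = base64.b64encode(der).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"{BEGIN}\n{body}\n{END}\n"

def pem_to_uri(text):
    """Return the URI from a wrapper file; ValueError for any other PEM content."""
    lines = text.strip().splitlines()
    if len(lines) < 3 or lines[0] != BEGIN or lines[-1] != END:
        raise ValueError("not a PKCS#11 provider URI PEM file")
    der = base64.b64decode("".join(lines[1:-1]), validate=True)
    seq, end = _read_tlv(der, 0, 0x30)
    desc, pos = _read_tlv(seq, 0, 0x1A)
    uri, pos = _read_tlv(seq, pos, 0x0C)
    if end != len(der) or pos != len(seq) or desc != DESC.encode("ascii"):
        raise ValueError("unexpected wrapper contents")
    return uri.decode()

def embeds_pin(uri):
    """True when the URI query has pin-value, i.e. the PIN sits in the file."""
    query = uri.partition("?")[2]
    return any(a.split("=")[0] == "pin-value" for a in re.split("[&;]", query))
```

The file written from `uri_to_pem()` is what the test would hand to nginx as the key file; for real deployments generate it with the project's own tool and use this only to inspect the result.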