This isn't an issue related to the web server software. Was the site working before the change? I believe that issue is more in the Empresa config related to crypto / ssl libraries. Does diagtool show anything useful?

hmm after reading your post I checked our mivavm.conf file and noticed these lines:

So I checked and that file doesn't exist on the nginx server - instead we have /usr/lib64/libcrypto.so.1.0.0e - so I made this update:

Then I killed mivavm and restarted it:

But still getting the same error to my surprise.. Maybe this info is helpful from the System Variables page of diagtool:

Other tests etc from diagtool are all passes..

The apache site was (and still is) running ok, we haven't switched over to nginx yet

Problem is fixed, I misread the 1s and 0s in the file names. I entered this into mivavm.conf:

But I should have had:

Corrected the entries, uploaded the conf file, killed mivavm and restarted it and all is good.

Ah very good, that was actually going to be my next question because 1.0.0 can't do TLS 1.2 which I thought may end up impacting you if you use a payment gateway even if we did get it figured out. :-)

Yea I go a little cross-eyed when looking at all those 1s and 0s and dots lol

One more issue for you if you don't mind, rather than creating another thread. The next thing for me to do would be re-encrypt everything (the merchdb.dat file is plain text at the moment). So I went to the PA-DSS Checklist and saw a fatal error at the bottom:

This already seemed weird because the DB on the nginx site started as a straight copy of the DB on the live site, so how could one table be missing right? But anyway I figured I'd just use PHPMyAdmin to dump a copy of the s01_PivateKeys table from the live site and import it into the nginx site - but it turns out that table doesn't exist on the live site. And even weirder - when I visit the PA-DSS Checklist on the live site, it doesn't give the fatal error. There are other issues as far as pass/fail, but no fatal error..

I looked at the source code in the 9.07.03 LSK and I see the code to create the s01_PivateKeys table, so technically I could just use PHPMyAdmin and manually create an empty one and set up the structure, but I have a feeling this is a bad idea.

The private key data is referenced separately in the merchdb.dat file and can be in the same database the store uses, a different one (on a different host as well), or dbase file. Perhaps you have a second database named 'miva' that the other store uses for the key data? Or the entire mivadata directory wasn't replicated and a dbase database file collection didn't come over?

That was it - I'd removed the merchdb.dat file's reference to mm5_privatekey.dbf on the nginx server, and I forgot about it. I forget why I even removed it - I think I was just trying to get the DB connection working and I wanted the file as simple as possible. Anyway, I added it back and was able to go through encryption without a problem.

Looking like we should be able to switch to this server pretty soon now. Thank you again!