Performance-Analyzer does not appear to support PKCS#1 encoded private keys when I enable TLS.
When I use a PKCS#1 private key, I get the following error:
6:23:48.626 [main] ERROR org.opensearch.performanceanalyzer.PerformanceAnalyzerWebServer - Unable to create HttpServer
java.lang.ClassCastException: class org.bouncycastle.openssl.PEMKeyPair cannot be cast to class org.bouncycastle.asn1.pkcs.PrivateKeyInfo (org.bouncycastle.openssl.PEMKeyPair and org.bouncycastle.asn1.pkcs.PrivateKeyInfo are in unnamed module of loader 'app')
at org.opensearch.performanceanalyzer.CertificateUtils.getPrivateKey(CertificateUtils.java:58) ~[performance-analyzer-rca-2.11.0.0.jar:?]
at org.opensearch.performanceanalyzer.CertificateUtils.createKeyStore(CertificateUtils.java:68) ~[performance-analyzer-rca-2.11.0.0.jar:?]
at org.opensearch.performanceanalyzer.PerformanceAnalyzerWebServer.createHttpsServer(PerformanceAnalyzerWebServer.java:108) ~[performance-analyzer-rca-2.11.0.0.jar:?]
at org.opensearch.performanceanalyzer.PerformanceAnalyzerWebServer.createInternalServer(PerformanceAnalyzerWebServer.java:44) [performance-analyzer-rca-2.11.0.0.jar:?]
at org.opensearch.performanceanalyzer.PerformanceAnalyzerApp.createClientServers(PerformanceAnalyzerApp.java:348) [performance-analyzer-rca-2.11.0.0.jar:?]
at org.opensearch.performanceanalyzer.PerformanceAnalyzerApp.createClientServers(PerformanceAnalyzerApp.java:320) [performance-analyzer-rca-2.11.0.0.jar:?]
at org.opensearch.performanceanalyzer.PerformanceAnalyzerApp.main(PerformanceAnalyzerApp.java:113) [performance-analyzer-rca-2.11.0.0.jar:?]
What is the bug?
Performance-Analyzer does not appear to support PKCS#1 encoded private keys when I enable TLS.
When I use a PKCS#1 private key, I get the following error:
Here is the relevant section of the config:
The key has this format:
PKCS#8 encoded private keys work fine. Furthermore, everything works correctly if I convert the previously failing private key to PKCS#8
What is the expected behavior? Performance-Analyzer should start correctly when using a PKCS#1/RSA private key
What is your host/environment? OpenSearch 2.11 running in a Red Hat Enterprise Linux 8 container