Chris Sampson created ZOOKEEPER-4867:
----------------------------------------

             Summary: Cannot use encrypted Elliptic Curve PEM certificate
                 Key: ZOOKEEPER-4867
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4867
             Project: ZooKeeper
          Issue Type: Bug
          Components: quorum, server
    Affects Versions: 3.9.2
            Reporter: Chris Sampson


TLS can be enabled in ZooKeeper and configured using PEM formatted files.

However, if the PEM file contains an encrypted EC private key, ZooKeeper is not 
able to find it within the PEM file.

The {{PemReader.loadPrivateKey}} method's RegEx does not match such a key, for 
example:

{code}
-----BEGIN EC PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,e49

rdz
-----END EC PRIVATE KEY-----
{code}

This appears to be because the RegEx does not allow {{-}} or {{,}} characters 
within the body of the private key.

There may be other problems with using such keys beyond the RegEx matching.
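
The mismatch described in this report, as an added example that is not part of the original report and is not ZooKeeper's code. STRICT is a hypothetical base64-only pattern (not the actual PemReader regex), TOLERANT also accepts the RFC 1421 "Name: value" header lines of a traditional encrypted key, and both sample keys are constructed dummies:

```python
import re

# Constructed samples: header values and base64 body are dummies, not real key material.
ENCRYPTED_EC = """-----BEGIN EC PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,0123456789ABCDEF0123456789ABCDEF

QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVo=
-----END EC PRIVATE KEY-----
"""
PLAIN_EC = """-----BEGIN EC PRIVATE KEY-----
QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVo=
-----END EC PRIVATE KEY-----
"""

# Hypothetical strict matcher: the body may only hold base64 characters and
# newlines, so '-', ',', ':' and spaces in the header lines break the match.
STRICT = re.compile(
    r"-----BEGIN ([A-Z ]*PRIVATE KEY)-----\s+([A-Za-z0-9+/=\r\n]+)-----END \1-----")

# Tolerant matcher: optional encapsulated headers, a blank line, then base64.
TOLERANT = re.compile(
    r"-----BEGIN ([A-Z ]*PRIVATE KEY)-----\r?\n"
    r"((?:[A-Za-z-]+:[^\r\n]*\r?\n)*)"   # "Proc-Type: ..." / "DEK-Info: ..." lines
    r"(?:\r?\n)?"                        # blank separator after the headers
    r"([A-Za-z0-9+/=\r\n]+)"             # base64 body
    r"-----END \1-----")

def describe_private_key(pem_text):
    """Describe the first private key block, or return None if none is found."""
    m = TOLERANT.search(pem_text)
    if m is None:
        return None
    headers = {}
    for line in m.group(2).splitlines():
        name, _, value = line.partition(":")
        headers[name.strip()] = value.strip()
    return {
        "label": m.group(1),
        "encrypted": headers.get("Proc-Type", "").endswith("ENCRYPTED"),
        "dek_algorithm": headers.get("DEK-Info", "").split(",")[0] or None,
        # Would a base64-only body pattern locate this block at all?
        "strict_match": STRICT.search(pem_text) is not None,
    }
```

Run against a PEM file's text, a result with "encrypted" true and "strict_match" false identifies a key block that a base64-only pattern will not locate.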


