[
https://issues.apache.org/jira/browse/ZOOKEEPER-4867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Chris Sampson updated ZOOKEEPER-4867:
-------------------------------------
Summary: Cannot use encrypted PEM certificate (was: Cannot use encrypted
Elliptic Curve PEM certificate)
> Cannot use encrypted PEM certificate
> ------------------------------------
>
> Key: ZOOKEEPER-4867
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4867
> Project: ZooKeeper
> Issue Type: Bug
> Components: quorum, server
> Affects Versions: 3.9.2
> Reporter: Chris Sampson
> Priority: Major
>
> TLS can be enabled in ZooKeeper and configured using PEM formatted files.
> However, if the PEM file contains an encrypted EC private key, ZooKeeper is
> not able to find it within the PEM file.
> The {{PemReader.loadPrivateKey}} method's RegEx does not match such a key,
> for example:
> {code}
> -----BEGIN EC PRIVATE KEY-----
> Proc-Type: 4,ENCRYPTED
> DEK-Info: AES-256-CBC,e49
> rdz
> -----END EC PRIVATE KEY-----
> {code}
> This appears to be because the RegEx does not allow {{-}} or {{,}} characters
> within the body of the private key.
> There may be other problems with using such keys beyond the RegEx matching.
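The matching failure described in the report, as an added example that is not ZooKeeper's code: `STRICT` is an assumed pattern whose body allows only base64 characters, and `WITH_HEADERS` additionally accepts the `Proc-Type` / `DEK-Info` header lines of a legacy-encrypted key. The class name, both patterns and the sample PEM text are constructed for illustration.

```java
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class PemKeyBlockCheck {
    // Assumed strict pattern (illustrative, not ZooKeeper's own): the body may
    // contain only base64 characters and line breaks.
    static final Pattern STRICT = Pattern.compile(
        "-----BEGIN ([A-Z ]*PRIVATE KEY)-----\\s+([A-Za-z0-9+/=\\r\\n]+)-----END \\1-----");

    // Tolerant pattern: optional "Name: value" header lines (RFC 1421 style)
    // before the base64 body, captured separately in group 2.
    static final Pattern WITH_HEADERS = Pattern.compile(
        "-----BEGIN ([A-Z ]*PRIVATE KEY)-----\\r?\\n"
        + "((?:[A-Za-z-]+: [^\\r\\n]*\\r?\\n)*)\\s*"
        + "([A-Za-z0-9+/=\\r\\n]+)-----END \\1-----");

    static final Pattern DEK = Pattern.compile("DEK-Info: ([A-Za-z0-9-]+),([0-9A-Fa-f]+)");

    /** Classifies the first private key block found in a PEM string. */
    static String classify(String pem) {
        Matcher m = WITH_HEADERS.matcher(pem);
        if (!m.find()) {
            return "no private key block found";
        }
        String headers = m.group(2);
        if (headers.contains("Proc-Type: 4,ENCRYPTED")) {
            Matcher dek = DEK.matcher(headers);
            String cipher = dek.find() ? dek.group(1) : "unknown cipher";
            return m.group(1) + ", legacy PEM encryption, " + cipher;
        }
        return m.group(1) + ", no encryption headers";
    }

    public static void main(String[] args) {
        // Constructed samples: the body is placeholder base64, not key material.
        String body = "Q09OU1RSVUNURURfU0FNUExFX05PVF9BX0tFWQ==\n";
        String plain = "-----BEGIN EC PRIVATE KEY-----\n" + body + "-----END EC PRIVATE KEY-----\n";
        String encrypted = "-----BEGIN EC PRIVATE KEY-----\n"
            + "Proc-Type: 4,ENCRYPTED\n"
            + "DEK-Info: AES-256-CBC,00112233445566778899AABBCCDDEEFF\n\n"
            + body + "-----END EC PRIVATE KEY-----\n";

        System.out.println("strict, plain:     " + STRICT.matcher(plain).find());
        System.out.println("strict, encrypted: " + STRICT.matcher(encrypted).find());
        System.out.println(classify(plain));
        System.out.println(classify(encrypted));
    }
}
```

Matching the block is only the first step: a loader that accepts the headers still has to derive the key from the passphrase and decrypt the body before the key can be used.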