PKCS11 in Fabric 2.2.x doesn't support MSPs with CA certificates that included RSA public keys

[marianothiago]

When starting the peer on fabric 2.2.9 with HSM (PKCS11), the following error message is being displayed:

"Certificate's public key type not recognized. Supported keys: [ECDSA]

To fix this bug, a pull request was requested

#4128

[denyeart]

Some history (also posted to the PR):

RSA removal commit - 80a20e3
Discussion about RSA removal and decision to restore - #2069
Restore RSA for SW implementation - #2121

It looks like it was only restored for SW implementation, so it makes sense to restore for PKCS11 implementation as well.

[denyeart]

@marianothiago Thanks for fixing in release-2.2. Have you checked whether updates are needed in main and release-2.5? It looks like the code structure is different in those branches.

Depending on your answer, we could close this issue as complete or suggest updates in main and release-2.5. Note that most production users will be updating from v2.2.x to v2.5.x since it is the latest LTS release.

[marianothiago]

@denyeart Thanks for help. I ran several tests on version 2.5.0, including organizations that have MSP certificates using RSA in their chain, and it worked great, as expected.

[denyeart]

ok, closing.