Use ECDSA instead of RSA

[fossedihelm]

What this PR does / why we need it:
Currently, kubevirt generates certificates with RSA signature. ECDSA, in general, create signatures faster than RSA. Also, OLM already uses ECDSA^[1], and it would be right to conform. The elliptic curve used is the NIST P-256 (FIPS 186-3, section D.2.3), also known as secp256r1 or prime256v1: this is supported by TLS1.3^[2].

^[1] https://github.com/operator-framework/operator-lifecycle-manager/blob/master/pkg/controller/certs/certs.go#L31:L34
^[2] https://www.rfc-editor.org/rfc/rfc8446#section-4.2.7

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #

Special notes for your reviewer:

Release note:

Use ECDSA instead of RSA for key generation

[kubevirt-bot]

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

[fossedihelm]

/test all

[fossedihelm]

/test pull-kubevirt-e2e-k8s-1.25-sig-compute-migrations-root
/test pull-kubevirt-e2e-kind-1.23-vgpu
/test pull-kubevirt-e2e-k8s-1.24-sig-storage-root
/test pull-kubevirt-e2e-k8s-1.24-sig-compute-root
/test pull-kubevirt-e2e-k8s-1.24-sig-compute
/test pull-kubevirt-e2e-k8s-1.25-sig-compute
/test pull-kubevirt-e2e-k8s-1.26-sig-compute

[fossedihelm]

/test pull-kubevirt-e2e-k8s-1.25-sig-compute-migrations-root

[fossedihelm]

/retest-required

[fossedihelm]

/retest

[acardace]

/approve

[kubevirt-bot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: acardace

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [acardace]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[fossedihelm]

/retest-required

[fossedihelm]

/cherrypick release-0.59

[kubevirt-bot]

@fossedihelm: once the present PR merges, I will cherry-pick it on top of release-0.59 in a new PR and assign it to you.

In response to this:

/cherrypick release-0.59

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[kubevirt-commenter-bot]

/retest-required
This bot automatically retries required jobs that failed/flaked on approved PRs.
Silence the bot with an /lgtm cancel or /hold comment for consistent failures.

[kubevirt-bot]

@fossedihelm: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
pull-kubevirt-fossa	448748c	link	false	/test pull-kubevirt-fossa

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[kubevirt-commenter-bot]

/retest-required
This bot automatically retries required jobs that failed/flaked on approved PRs.
Silence the bot with an /lgtm cancel or /hold comment for consistent failures.

[kubevirt-commenter-bot]

/retest-required
This bot automatically retries required jobs that failed/flaked on approved PRs.
Silence the bot with an /lgtm cancel or /hold comment for consistent failures.

[kubevirt-bot]

@fossedihelm: new pull request created: #9345

In response to this:

/cherrypick release-0.59

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[fossedihelm]

/cherrypick release-0.58

[kubevirt-bot]

@fossedihelm: #9127 failed to apply on top of branch "release-0.58":

Applying: Use ECDSA instead of RSA
Using index info to reconstruct a base tree...
A	cmd/example-guest-agent/BUILD.bazel
A	cmd/example-guest-agent/main.go
M	pkg/storage/export/export/export.go
M	pkg/storage/export/export/export_test.go
M	tests/infra_test.go
M	tests/storage/export.go
Falling back to patching base and 3-way merge...
Auto-merging tests/storage/export.go
Auto-merging tests/infra_test.go
Auto-merging pkg/storage/export/export/export_test.go
Auto-merging pkg/storage/export/export/export.go
Auto-merging cmd/virt-freezer/BUILD.bazel
CONFLICT (content): Merge conflict in cmd/virt-freezer/BUILD.bazel
CONFLICT (modify/delete): cmd/example-guest-agent/main.go deleted in HEAD and modified in Use ECDSA instead of RSA. Version Use ECDSA instead of RSA of cmd/example-guest-agent/main.go left in tree.
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0001 Use ECDSA instead of RSA
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".

In response to this:

/cherrypick release-0.58

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.