Support PKCS1 encoded private keys #5245
Labels
Comments
jkwatson
added
help wanted
Feature Request
|
Closing since we support low level configuration of the SSL context in #5280. It seems unlikely that we would add direct support for formats not supported out of the box by the JDK since we try to avoid dependencies. |
|
Makes sense, thanks a lot team for assisting on this. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
The
setClientTlsmethod supported by client builders such as OtlpHttpSpanExporterBuilder takes only the raw pem files as byte array and takes care of the conversion. However, the conversion code on does not support PKCS1 format, as supported by default for many certificate providers such as cert-manager.Although this is fair and can be a design choice given that PKCS1 is not supported out-of-the-box by the JDK (bouncy castle supports it), alternative means to reach support for PKCS1 type of keys must be provided, such as supporting more generic arguments such as
SSLContextas requested on #5211. As of now, the only way to support PKCS1 is to re-write most of the SDK client code.The text was updated successfully, but these errors were encountered: