You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Caused by: java.lang.IllegalStateException: Unrecognized private key format in classpath:tls.key
at org.springframework.boot.web.server.PrivateKeyParser.parse(PrivateKeyParser.java:79) ~[spring-boot-2.7.4.jar:2.7.4]
at org.springframework.boot.web.server.CertificateFileSslStoreProvider.createKeyStore(CertificateFileSslStoreProvider.java:83) ~[spring-boot-2.7.4.jar:2.7.4]
at org.springframework.boot.web.server.CertificateFileSslStoreProvider.getKeyStore(CertificateFileSslStoreProvider.java:51) ~[spring-boot-2.7.4.jar:2.7.4]
at org.springframework.boot.web.embedded.tomcat.SslConnectorCustomizer.configureSslStoreProvider(SslConnectorCustomizer.java:129) ~[spring-boot-2.7.4.jar:2.7.4]
... 15 common frames omitted
The problem seems to lie in the patterns used by the PrivateKeyParser which supports "RSA" in the header/footer but not "EC".
The text was updated successfully, but these errors were encountered:
philwebb
changed the title
Elliptic-curve TLS keys in PEM format are not supported
Unrecognized private key format thrown when using PEM formatted elliptic-curve TLS keys
Oct 12, 2022
philwebb
changed the title
Unrecognized private key format thrown when using PEM formatted elliptic-curve TLS keys
PEM formatted elliptic-curve TLS keys are an unrecognized private key format
Oct 12, 2022
Certificate and private key files can also be used to configure the connection to the Docker daemon when using the Maven spring-boot:build-image goal and Gradle bootBuildImage task. We've added support for ECDSA keys to the Docker configuration in Spring Boot 2.6, in addition to supporting ECDSA keys with server.ssl.certificate-private-key and server.ssl.trust-certificate-private-key in Spring Boot 2.7.
I'm using Spring Boot 2.7.3 and would like to use the following, recently introduced, properties for specifying TLS keys in PEM format:
This works for RSA keys but not for ECDSA keys. The issue can be reproduced with the following
tls.crt
andtls.key
files:I'm getting the following exception:
The problem seems to lie in the patterns used by the PrivateKeyParser which supports "RSA" in the header/footer but not "EC".
The text was updated successfully, but these errors were encountered: