0

I have a set of files: a DSA client private key, a client certificate and a CA certificate, which I would like to use with the kafka-go library. I have been trying to parse the files but have been unsuccessful. The aforementioned key and certificate files are correct, as they are being used in other places, written in JavaScript though. I have been trying to parse them in the following manner:

func NewTLSConfig(clientCertFile, clientKeyFile, caCertFile string) (*tls.Config, error) {
    tlsConfig := tls.Config{}
    cert, err := tls.LoadX509KeyPair(clientCertFile, clientKeyFile)
    ...

Where the string inputs are correct file paths. At this point I get the following error:

tls: failed to parse private key

which is coming from the parsePrivateKey function of the tls library. When checking the function's input, it seems to be fine.

cert.PrivateKey, err = parsePrivateKey(keyDERBlock.Bytes)

The keyDERBlock object is populated, it has a proper type and bytes. What could be the issue? Thank you!

I have created a small GitHub repo to illustrate the issue.

Jani
  • We can't easily debug incomplete snippets. Provide a complete verifiable example. – erik258 Apr 19 '20 at 17:46
  • The function expects file paths as an input, not sure how to reproduce it with go playground for example. I could create a simple git repo, that illustrates the problem though :) – Jani Apr 19 '20 at 18:22
  • A fine idea. It would be good to include the code here. I think there's a good chance you discover the solution while you try to put together a minimal reproduction of the error - I usually do. – erik258 Apr 19 '20 at 18:24
  • Yes, fair point. I have created a small repo here: https://github.com/donfrigo/dsa-error. Thank you in advance! – Jani Apr 19 '20 at 18:37
  • Hi, has anyone found a solution for this? Does Go TLS just not support DSA? Thanks! – Brad Urani Sep 11 '20 at 21:11

1 Answer

0

The issue has been solved by using RSA keys instead of DSA.

Jani