[BUG] 2.9.0 if private key is still PKCS#1 deployment/upgrade to 2.9.0 fails with invalid key

[Kuckkuck]

What is the bug?
Until 2.9.0 it was possible to deploy OpenSearch with PKCS#1 keys, even if the documentation says private key has to be PKCS#8.

OpenSearch release notes for 2.9.0 should list this breaking change.

[peternied]

I think its really lame that this worked in 2.8 and then broke in 2.9 even if we didn't have documentation specifically allowing this behavior. I'd like to see this fixed, if we could manage it in 2.10, but that is by EOD, so I'm not sure how those odds look. I'd need to get feedback from more of the team before we made a choice.

I'm pretty sure we'd accept a pull request for this support, but I'd leave that to the triage meeting to make the ultimate 'triaged' decision.