Pass private key as header in curl PUT returning error for illegal character


I have a .pem file containing my private key that I need to pass as an authorization header.

I've tried just using the command $(cat $REPO_ROOT/pulsar/tls/broker/broker.key.pem) but I'm getting the response: <h1>Bad Message 400</h1><pre>reason: Illegal character LF=\n</pre>0

Can I not pass the contents of my .pem straight into the header?

CLUSTER=standalone
TENANT=sandbox
NAMESPACE=integration_test
AUTHORIZATION=$(cat $REPO_ROOT/pulsar/tls/broker/broker.key.pem)


# Create tenant
curl -L -X PUT "http://localhost:$HOST_PULSAR_PORT/admin/v2/tenants/$TENANT" \
    --header "Authorization: Bearer $AUTHORIZATION" \
    --header 'Content-Type: application/json' \
    --data-raw "{\"allowedClusters\": [\"$CLUSTER\"]}"

Solution

  • The private key needs to be carefully secured. You should never have to pass it in an HTTP header.

    For Pulsar you should be using the private key to generate a JWT token to use in the HTTP header. You can use the following command:

    bin/pulsar tokens create --private-key file:///path/to/my-private.key \
                --subject test-user
    

    The subject of the token should match the authorization role on the Pulsar tenant or namespace. For more details, see https://pulsar.apache.org/docs/en/security-token-admin/
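
The flow from the answer, as an added example that is not part of the original post: mint a token with the command shown above, then verify the value is a single-line JWT rather than PEM key material before it goes into the header. The function names, `PULSAR_HOME` and `KEY_FILE` are assumptions for illustration, and the sample values are constructed.

```sh
# Added example (POSIX sh). Function names are hypothetical; PULSAR_HOME and
# KEY_FILE are assumed variables pointing at the Pulsar install and the key.
nl='
'
cr=$(printf '\r')

# Constructed samples: a PEM-shaped value and a JWT-shaped value (not real).
SAMPLE_PEM="-----BEGIN PRIVATE KEY-----${nl}AAAA${nl}-----END PRIVATE KEY-----"
SAMPLE_JWT='aaa.bbb.ccc'

# Return 0 only if $1 is plausible as a Bearer token: one line, three
# non-empty base64url segments. PEM text and CR/LF are rejected, which is
# the condition behind "Illegal character LF" in the question.
check_bearer_token() {
    case $1 in
        *-----BEGIN*)
            echo "refusing: PEM key material, not a token" >&2; return 2 ;;
        *"$nl"*|*"$cr"*)
            echo "refusing: CR/LF is illegal in an HTTP header" >&2; return 3 ;;
        *[!A-Za-z0-9_.-]*|*.*.*.*)
            echo "refusing: not a compact JWT" >&2; return 4 ;;
        ?*.?*.?*)
            return 0 ;;
        *)
            echo "refusing: not a compact JWT" >&2; return 4 ;;
    esac
}

# Mint a token where the private key lives; the key itself is never sent.
# $1 is the subject, which should match the role authorized on the tenant.
mint_token() {
    "$PULSAR_HOME/bin/pulsar" tokens create \
        --private-key "file://$KEY_FILE" --subject "$1"
}

# Create the tenant from the question, sending the token, not the key.
create_tenant() {
    check_bearer_token "$1" || return
    curl -sS -L -X PUT "http://localhost:$HOST_PULSAR_PORT/admin/v2/tenants/$TENANT" \
        --header "Authorization: Bearer $1" \
        --header 'Content-Type: application/json' \
        --data-raw "{\"allowedClusters\": [\"$CLUSTER\"]}"
}

# Usage: create_tenant "$(mint_token test-user)"
```

Because `create_tenant` returns before calling curl when the check fails, a key file substituted into the variable by mistake never reaches the network.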