Hi Rob, thanks for your input.
As far as the openssl documentation goes, what comes out of that command should be a PEM-encoded PKCS#8 RSA key. Moreover, I insist on the fact that the same key was previously working on 7.0.1, 7.4.2, and 7.5.2 versions. I also looked at the documentation page for those versions of Logstash and they have the same pre-requisites that make me believe that our key might not be the problem.
Despite these findings, I tried the following:
Converting the key using this command:
openssl pkcs8 -topk8 -inform pem -in our.key.pem -outform pem -nocrypt -out new.key.pem
Also tried this:
openssl rsa -in our.key.pem -text > temp.key.pem
openssl pkcs8 -topk8 -inform pem -in temp.key.pem -outform pem -nocrypt -out new.key.pem
The second case bring the key back to traditional format (I have checked it manually with a cat between the two commands), before converting it in a PEM-encoded PKCS#8 RSA key.
None of those tries solved the problem. We still have exactly the same issue / error in the logs. Moreover, we tried last week to launch Logstash with the debug flag and this doesn't prompt anything more.
Last but not the least. As proposed by the support, we tried putting ssl_key_passphrase => '' in the input configuration, nothing changed.
Anyone here able to reproduce this issue on a fresh install? 7.6.x releases are pretty recent but I would be really surprised if we were the only ones facing this issue...