Versions Compared

Old Version 6

changes.mady.by.user Gill Houghton

Saved on

compared with

New Version 7

changes.mady.by.user Gill Houghton

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The Private Key must be of type PKCS1 in PEM format.

The easiest way to determine what type you have is to look at the certificate headers.

Example of a PKCS1 private key in PEM format

-----BEGIN RSA PRIVATE KEY-----
<YOUR PRIVATE KEY CONTENT>
-----END RSA PRIVATE KEY-----

Example of a PKCS8 (unencrypted) private key in PEM format

-----BEGIN PRIVATE KEY-----
<YOUR PRIVATE KEY CONTENT>
-----END PRIVATE KEY-----

Example of a PKCS8 (encrypted) private key in PEM format

-----BEGIN ENCRYPTED PRIVATE KEY-----
<YOUR PRIVATE KEY CONTENT>
-----END ENCRYPTED PRIVATE KEY-----
Warning
Encrypted private keys are not supported



To convert an unencrypted private key from PKCS8 to PKCS1 use the openssl command below:

Code Block
openssl rsa -in xxxxx-private-no-rsa.pem.key -out xxxxx-private-converted.pem.key




Note

OpenSSL 3+ does not support PKCS1 by default and you will need use -traditional on the openssl rsa command.

Code Block
openssl rsa -in xxxxx-private-no-rsa.pem.key -traditional -out xxxxx-private-converted.pem.key