The Private Key must be of type PKCS1 in PEM format.
The easiest way to determine what type you have is to look at the certificate headers.
Example of a PKCS1 private key in PEM format
-----BEGIN RSA PRIVATE KEY----- <YOUR PRIVATE KEY CONTENT> -----END RSA PRIVATE KEY-----
Example of a PKCS8 (unencrypted) private key in PEM format
-----BEGIN PRIVATE KEY----- <YOUR PRIVATE KEY CONTENT> -----END PRIVATE KEY-----
Example of a PKCS8 (encrypted) private key in PEM format
-----BEGIN ENCRYPTED PRIVATE KEY----- <YOUR PRIVATE KEY CONTENT> -----END ENCRYPTED PRIVATE KEY-----
Encrypted private keys are not supported
To convert an unencrypted private key from PKCS8 to PKCS1 use the openssl command below:
openssl rsa -in xxxxx-private-no-rsa.pem.key -out xxxxx-private-converted.pem.key
OpenSSL 3+ does not support PKCS1 by default and you will need use -traditional on the openssl rsa command.
openssl rsa -in xxxxx-private-no-rsa.pem.key -traditional -out xxxxx-private-converted.pem.key
Overview
Content Tools