68 cards
Posted almost 9 years ago. Visible to the public.

Fix "A client error (MalformedCertificate) occurred: Invalid Private Key." at AWS SSL Certificate upload

I'm creating certificate requests with this command:

openssl req -new -out www.example.com.csr -keyout www.example.com.key -newkey rsa:2048 -nodes

When I try to upload the certificate to AWS IAM I get this error:

$ aws iam upload-server-certificate --server-certificate-name www.example.com-2013010-2014010 --certificate-body www.example.com.crt --private-key www.example.com.key --certificate-chain www.example.com.ca-bundle A client error (MalformedCertificate) occurred: Invalid Public Key Certificate.

That's because of the format of the key file (www.example.com.key).

If it starts with -----BEGIN PRIVATE KEY----- you have to convert it to rsa:

mv www.example.com.key www.example.com.key_norsa openssl rsa -in www.example.com.key_norsa -out www.example.com.key

After this the key file should start with -----BEGIN RSA PRIVATE KEY----- and the upload should work without any problems.

Your development team has a full backlog of feature requests, chores and refactoring coupled with deadlines? We are familiar with that. With our "DevOps as a Service" offering, we support developer teams with infrastructure and operations expertise.

Owner of this card:

Kim Jahn
Last edit:
over 5 years ago
by Andreas Herz
About this deck:
We are makandra and do test-driven, agile Ruby on Rails software development.
License for source code
This website uses short-lived cookies to improve usability.
Accept or learn more