Read more

Fix "A client error (MalformedCertificate) occurred: Invalid Private Key." at AWS SSL Certificate upload

Kim Klotz
October 22, 2013Software engineer at makandra GmbH

I'm creating certificate requests with this command:

openssl req -new -out -keyout -newkey rsa:2048 -nodes
Illustration web development

Do you need DevOps-experts?

Your development team has a full backlog? No time for infrastructure architecture? Our DevOps team is ready to support you!

  • We build reliable cloud solutions with Infrastructure as code
  • We are experts in security, Linux and databases
  • We support your dev team to perform
Read more Show snapshot

When I try to upload the certificate to AWS IAM I get this error:

$ aws iam upload-server-certificate --server-certificate-name --certificate-body --private-key --certificate-chain 
A client error (MalformedCertificate) occurred: Invalid Public Key Certificate.

That's because of the format of the key file (

If it starts with -----BEGIN PRIVATE KEY----- you have to convert it to rsa:

openssl rsa -in -out

After this the key file should start with -----BEGIN RSA PRIVATE KEY----- and the upload should work without any problems.

Posted by Kim Klotz to makandra Operations (2013-10-22 19:34)