PEM or Privacy Enhanced Mail is a Base64 encoded DER certificate. PEM certificates are frequently used for web servers as they can easily be translated into readable data using a simple text editor. Generally when a PEM encoded file is opened in a text editor, it contains very distinct headers and footers.
On Windows servers, the OS manages your certificate files for you in a hidden folder, but you can retrieve the private key by exporting a “. pfx” file that contains the certificate(s) and private key. Open Microsoft Management Console (MMC). In the Console Root expand Certificates (Local Computer).
The AWS CLI requires file://
prefix for local files. For example file://private.key
, file://cert_file
, etc.
Just ran into the same exact issue: web console and AWS CLI reporting the same error in not being able to parse the certificate.
The error's root cause turned out to be in the private key -- converting my private key to a "RSA PRIVATE KEY" fixed the issue:
openssl rsa -in server.key -out server.key.rsa
Then, use the server.key.rsa
in the private key field and leave the public cert as is.
I just spent the last hour struggling with this issue, on the web console. For sake of documenting, I would like to share what fixed the problem for me:
---- TEXT HERE ----
start and end labels are included in what you are uploading/copy-pasting into the web-consolef, [space], a, [return]
, I'd fixed the file in Vi and it now seems to be working. AWS' interface should be smart enough to recover from common errors such as this - nevertheless, this fixed the issue for me.Hope this helps save an hour for somebody else :)
According to installation steps of ZeroSSL you have to copy all the content of the private.key after opening it in notepad.
The private key must start with -----BEGIN RSA PRIVATE KEY----- and end with -----END RSA PRIVATE KEY-----
I did that also with certificate.crt and the problem solved and saved successfully
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With