Decrypt Private Key File

Posted: Feb 2, 2022

Tags: AWS, Certificates, openssl, SSL

We recently ran into a situation where we needed to paste the private key file for a certificate into AWS Certificate Manager and realized that it would not accept an encrypted key file.

To determine if a private key file is encrypted you can just look at the first line of the private key file contents:

Decrypt Private Key file

After a bit of searching we found out how to decrypt the key file.

The following command works on Mac/Linux (still not sure how to do this on Windows...)

You will be asked for the passcode that is necessary to decrypt the file.

Result

If completed successfully you will end up with a new file that has the following at the top:

Now AWS Certificate Manager will accept this key.