An error occurred (ValidationException) when calling the ImportCertificate operation: The private key is not supported

Question 1

I am using the AWS CLI in order to import a certificate to region us-east-1, like so:

aws acm import-certificate --certificate cert.crt --private-key private.key --certificate-chain chain.crt --profile prof --region us-east-1

1 2	aws acm import-certificate --certificate cert.crt --private-key private.key --certificate-chain chain.crt --profile prof --region us-east-1

This has worked in the past for other certs, however I recently started seeing the following error:

An error occurred (ValidationException) when calling the ImportCertificate operation: The private key is not supported.

1 2	An error occurred (ValidationException) when calling the ImportCertificate operation: The private key is not supported.

I have checked that the private key indeed matches the certificate via openssl, so I am quite lost as to what might be the issue here.

openssl rsa -in private.key -check

1 2	openssl rsa -in private.key -check

yields

RSA key ok

1 2	RSA key ok

What could be the issue?

Question 2

I just ran into this as well and found a hint elsewhere that suggested prefixing your file with “file://”. Worked for me. Give it a try:

aws acm import-certificate --certificate file://cert.crt --private-key file://private.key --certificate-chain file://chain.crt --profile prof --region us-east-1

1 2	aws acm import-certificate --certificate file://cert.crt --private-key file://private.key --certificate-chain file://chain.crt --profile prof --region us-east-1

An error occurred (ValidationException) when calling the ImportCertificate operation: The private key is not supported

Question:

Answer:

Leave a Reply Cancel reply