Azure key vault -- The specified PEM X.509 certificate content can not be read. Please check if certificate is in valid PEM format. Accepted formats: PEM content or Base64 encoded PEM content

Question

We have a exported the certificate in Base64 encoded PKCS #8 (.PEM) Format and kept in our local system. We need to import it in Azure key vault. When I tried to do that, I am getting below error:-

The specified PEM X.509 certificate content can not be read. Please check if certificate is in valid PEM format. Accepted formats: PEM content or Base64 encoded PEM content.

Certificate format:-

-----BEGIN PRIVATE KEY-----
MIIE6TAbBgoqhkiG9w0BDAEDMA0ECGhtCDicYGGyAgEBBIIEyBhR+hx9p0yNzhWGJbOqlIcFWhnj
wIvzcV22ypt6twtSqyDG/0RralPIfy3gMuXD7PrVXe8d4BPmUbhb5ce01w7Jk4SmcBOfOeBCbJ7A
xb7YR8l/53AoEpxXzJjSCjC9nGso1527K9tem/Ss6bXSfAAzSV7sym5b/JCA8NoinbBrf5xTCKC4
9VbP1PWbWk3Gz92uzATgG92wUxZmBNnazUdbYMUwPohyzgepUlEo+typlIifVTvtawYPhmlNF8tb
.
.
.
.
-----END PRIVATE KEY-----

Kindly give us the solution

Answer 1

Hello @Anonymous

Thanks for your question!

I found this doc and this might provide you some feedback. See it below:

https://github.com/MicrosoftDocs/azure-docs/issues/23558

BR,

Answer 2

1. Ensure you have openssl is installed on your local machine.
2. export the privatekey.pem and certificate.pem to pfx with following command:

openssl pkcs12 -inkey privatekey.pem -in CCSID.pem -export -passout pass:$password -out CCSID.pfx

1. import the exported pfx file to local windows machine with the password set in previous step ($password)
2. Export the pfx with private key from local windows machine and encryption $password:
3. Import the exported pfx file from step 4 on Azure key vault with the above $password and it should work fine and that worked for me also.

Best regards,