This error is reasied when the key cannot be parsed. Since the error code and message are totally helpless, this gist is here to help you verify your certificate and key are correct, which have been the root cause when such error was raised in our Python code.
Sample use case:
ssl_context.load_cert_chain(certfile=certfile, keyfile=keyfile, password='secret')
# Raise SSLError
When this error happened, the root cause was my key file not being correct (some spaces were added when restoring it from the vault)
In order to find if the error comes from your Python code, your certioficate or your key, verify those files first:
To verify the certificate (replace cert.pem
with the path to your certificate):
openssl x509 -noout -text -in cert.pem
If your certificate is not valid, openSSL will prompt an unable to load certificate
error.
To verify the key (replace key.pem
with the path to your key):
openssl rsa -noout -text -in key.pem
If yor key is password protected, openSSL will prompt you for the password.
If you key file is not correct, OpenSSL will print an unable to load Private Key
error.
If you got an error (unable to load...), then it's not even useful to look at your Python code. Fix your certificate or key, verify them with openSSL, and only then switch back to your Python code.