KB43774 - When importing a private key with a password or pass phrase for Pulse One (On-Premise), the console prompts an ASN1 error message.

This article describes an issue where the administrator is unable to import the private key with a password or pass phrase for Pulse One (On-Premise) and the console prompts a long ASN1 error message.

When importing a private key using https set key, the following error message will appear and the import will fail:

ERROR: [('asn1 encoding routines', 'ASN1_get_object', 'header too long'), ('asn1 encoding routines', 
'ASN1_CHECK_TLEN', 'bad object header'), ('asn1 encoding routines', 'ASN1_ITEM_EX_D2I', 
'nested asn1 error'), ('rsa routines', 'OLD_RSA_PRIV_DECODE', 'RSA lib'), ('asn1 encoding routines', 
'ASN1_get_object', 'header too long'), ('asn1 encoding routines', 'ASN1_CHECK_TLEN', 
'bad object header'), ('asn1 encoding routines', 'ASN1_ITEM_EX_D2I', 'nested asn1 error'), 
('PEM routines', 'PEM_READ_BIO_PRIVATEKEY', 'ASN1 lib')]

This issue occurs with Pulse One 1743.1 and above as additional validation checks were made to help avoid a mismatch between the public / private key pair.

To resolve the issue, remove the password or pass phrase from the private key.

Note: There are many tools that can perform this task, but the following example is using openssl
 

openssl rsa -in file1.key -out file2.key

The output file name file2.key will be the exported private key without a password / pass phrase. Once completed, open the file in a text editor and copy/paste the content back to the Pulse One serial console.