What this tool is good for
This tool lets you change the password on an RSA PEM private key, add protection to an unencrypted key, remove the password from an encrypted key, or simply confirm whether the current password is correct.
All processing happens locally in the browser, which is especially helpful when you are handling sensitive private key material.
Typical scenarios
- Leave the old password empty and set a new password to protect an unencrypted key.
- Provide both the old password and a new password to rotate the password.
- Provide the old password and leave the new password empty to remove password protection.
Format notes
- Encrypted private keys usually start with BEGIN ENCRYPTED PRIVATE KEY.
- Unencrypted private keys commonly start with BEGIN PRIVATE KEY or BEGIN RSA PRIVATE KEY.
- If the password is wrong or the key is malformed, the conversion will fail immediately.
FAQ
What does adding a password to an RSA private key do?
It encrypts the private key file so the key material is harder to use if the file is copied or leaked. You still need to store the password separately and securely.
Can this tool remove a private key password?
Yes, when you provide the correct existing password. Removing the password makes the key easier for software to load, but it also increases the risk if the file is exposed.
Why can my encrypted private key not be opened?
The password may be wrong, the PEM block may be incomplete, or the key may use an unsupported encryption format. Confirm the key header, passphrase, and original export settings.
Related tools
- RSA Key Pair Generator:Generate RSA public and private key pairs in PEM format
- PEM/XML Key Converter:Convert RSA keys between PEM and XML