SAP Knowledge Base Article - Public

3132774 - Private Key file not accepted in Career Site Builder - Recruiting Marketing


  • The private key is not accepted when trying to renew the certificate;
  • Error when trying to upload the private key;
  • Unable to install/import the certificate;
  • Invalid private key.

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.


SAP SuccessFactors Recruiting Marketing (RMK)

Reproducing the Issue

  1. Navigate to Admin Center > Manage Career Site Builder;
  2. Tools > SSL Certificates;
  3. Under Option 2 click on Upload SSL Certificate;
  4. Select "I want to upload an SSL certificate that I obtained using my own CSR." and click on Next;
  5. Upload the files including the Private Key;
  6. After press the button Submit;
  7. You will receive an error informing that the security key is invalid.


RSA private key is not accepted by Career Site Builder.

In order to confirm, open the file that contains the private key and check if there's the prase BEGIN RSA PRIVATE KEY as follow:


If you have an issue to upload the RSA private key, you can convert that to a standard private key format with openssl (download from here) command. You can execute to the following command to a standard private key as follow:

openssl pkcs8 -topk8 -nocrypt -in rsa_server.key -out without_rsa_server.key

rsa_server.key = private key (the file can be pem or cer)

without_rsa_server.key = the output (the file can be pem or cer)

The file without_rsa_server.key should be used now in CSB.


SSL, Private Key, RSA, CSB, Error , KBA , LOD-SF-RMK-CER , Certificate Renewal, IP Address, Domain , LOD-SF-RMK-CSB , Career Site Builder , Problem


SAP SuccessFactors Recruiting all versions


Pasted image.png
Pasted image.png