Import Key into Vault Transit


To understand the Vault Transit better I have been trying to import a key. I have read through how to convert a private key to ciphertext which at the end can be imported.

But I keep getting error in response.

error importing key: error parsing asymmetric key: asn1: structure error: tags don't match (16 vs {class:0 tag:10 length:45 isCompound:false}) {optional:false explicit:false application:false private:false defaultValue:\u003cnil\u003e tag:\u003cnil\u003e stringType:0 timeType:0 set:false omitEmpty:false} pkcs8 @2\n\n

Anybody faced any such error. I can share private key and wrapping key (as this is just test environment) if that helps.

Thanks in advance.

I got it working. I missed one aspect which is not very clear in the Key-Wrapping documentation.
The key which is to be wrapped needs to be in DER/binary format. I was using the PEM format which is the problem. This step is mentioned in some other page link is below:

BYOK → Manual process