I have a CertAndKey.pfx file and corresponding EncryptedKey.pem - both provided from CA. The following commands result with 2 different decrypted key files key1.pem and key2.pem:
openssl rsa -in EncryptedKey.pem -out key1.pem
openssl pkcs12 -in CertAndKey.pfx -out key2.pem -nodes
(and certainly I've edited key2.pem, public part was purged and private key part was left.)
The difference in decrypted keys is not only "begin/end rsa private key" vs "begin/end private key" lines (key1 does have "RSA" word in this line while key2 don't). Key bodies are also differ and their lengths aren't equal. However, both key1 and key2 apeared to work fine in TLS handshake.
I tried also to decode the keys and compare them in binary form:
Certutil -decode key1.pem key1.bin
Certutil -decode key2.pem key2.bin -
and these .bin files are different as well and aren't equal in length.
I am quite new to this, can anybody explain this oddity for me?