SignedJwtAssertionCredentials on AppEngine doesn't recognize PEM key

Question

SignedJwtAssertionCredentials on appengine (with pycrypto 2.6) doesn\'t support the PKCS12 format, therefore I\'m trying to use PEM keys instead, as suggested everywhere..

Answer 1

for those interested, I ended up compiling a short tutorial on how to use the Google+ Domains APIs with python on App Engine, you can find it here: https://gist.github.com/vircheck/6292176

It's also applicable to other APIs based on service accounts, such as the Drive API etc..

Answer 2

Yeah, the error is hugely misleading. What you're doing is fine; just remove the header from the PEM file so that it begins with -----BEGIN PRIVATE KEY-----, or run the following command over it:

openssl pkcs8 -nocrypt -in privatekey.pem -passin pass:notasecret -topk8 -out pk.pem