private_key_pem

The PEM (ASCII) encoded representation of the certificate's private key in either PKCS #1 format ("`BEGIN RSA PRIVATE KEY`") or unencrypted PKCS #8 format ("`BEGIN PRIVATE KEY`").

PKCS #8 format is supported since 2.32; earlier releases only support PKCS #1. You can use the `openssl rsa` tool to convert PKCS #8 keys to PKCS #1.

This property (or the private_key property) can be set when constructing a key (for example, from a file). Since GLib 2.70, it is now also readable; however, be aware that if the private key is backed by a PKCS #11 URI - for example, if it is stored on a smartcard - then this property will be null. If so, the private key must be referenced via its PKCS #11 URI, private_key_pkcs11_uri. You must check both properties to see if the certificate really has a private key. When this property is read, the output format will be unencrypted PKCS #8.