I was trying to convert a PFX file to be used for webauth on a Cisco WLC running the latest 7.x code. I've done this several times before in past lives and expected no resistance, but I could not get the WLC to accept the PEM certificate converted by OpenSSL 1.0 from a CentOS 6.3 server.
The WLC kept reporting a "private key decode failed".
However, one stroke of luck I found this post: https://supportforums.cisco.com/thread/340194
The forum member recommended using OpenSSL for windows at a version <1.0. One attempt and it went beautifully, the WLC accepted the certificate!
Does anyone have any ideas? Hopefully this helps someone else.