diff --git a/lib/fog/aws/requests/iam/upload_server_certificate.rb b/lib/fog/aws/requests/iam/upload_server_certificate.rb
index 0fde3858c..4f7927871 100644
--- a/lib/fog/aws/requests/iam/upload_server_certificate.rb
+++ b/lib/fog/aws/requests/iam/upload_server_certificate.rb
@@ -51,6 +51,9 @@ module Fog
 
           # Validate cert and key
           begin
+            # must be an RSA private key
+            raise OpenSSL::PKey::RSAError unless private_key =~ /BEGIN RSA PRIVATE KEY/
+
             cert = OpenSSL::X509::Certificate.new(certificate)
             chain = OpenSSL::X509::Certificate.new(options['CertificateChain']) if options['CertificateChain']
             key = OpenSSL::PKey::RSA.new(private_key)
diff --git a/tests/aws/requests/iam/helper.rb b/tests/aws/requests/iam/helper.rb
index 80942bb8c..7a4ca3017 100644
--- a/tests/aws/requests/iam/helper.rb
+++ b/tests/aws/requests/iam/helper.rb
@@ -41,6 +41,25 @@ c0AQtoYBTJePxiYyd8i32ypkkK83ar+sFoxKO9jYwD1IkZax2xZ0aoTdMindQPR7
 Yjs+QiLmOHcbPqX+GHcCQERsSn0RjzKmKirDntseMB59BB/cEN32+gMDVsZuCfb+
 fOy2ZavFl13afnhbh2/AjKeDhnb19x/uXjF7JCUtwpA=
 -----END RSA PRIVATE KEY-----
+}
+
+    # openssl pkcs8 -nocrypt -topk8 -in SERVER_CERT_PRIVATE_KEY.key -outform pem
+    SERVER_CERT_PRIVATE_KEY_PKCS8 = %{-----BEGIN PRIVATE KEY-----
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALQJHvqyi+N2alZG
+YRp/xdob6cZ7tzOGl0sqRq7ZvXpW1KOQ9y3E8vlTi9ozFBRugs+v72gv719Jg3fV
+XMMPiHJp4ah4jl+GcZ6qTvWSrm4c40E5BQxtlsFDw9V31J2T7L0knoTl8L4aEsvk
+j7LYMruzIHPLKarVaLqs+nVdcXsBAgMBAAECgYA2ONEFvCR5ez6HgWbZbkYObH25
+86S3df+2+aKUIqv4XpJoOM7ZEAoFoW3rZ5rSlH39QwWdoWI8lo1r1+y6KsFzAh35
+GLOu4Sn7sUbOIz2YLmRwTtYpmteAYacu2qDjHm3BUsCuCnSOLtMDXyr/vi5Osjhr
+PwfmJNjifb05GUuaaQJBAOwYy4sSAYeA3ljVz1rHUNP+tRcrGeqwiuKNGSBuJOdw
+cACsUnzxzfLKRaoa9idIXAxLwNJaI/I9oAic02Vv988CQQDDNngJ+8n46UT76tM8
+f2N6YLz12fELsQUa5YmbB1p2d6/wRiC6+95x0Z0a20PtCxkqlzPmYOeA5SCFtWby
+8EQvAkAwd86hWCr0NGJw/kO5MR3Ix4tJnFGPunpok+rKm5H76Ts1CCtO9xz+cMPo
+beyGl/Y9l/eXt2WVv0zxN7C2LExFAkEAh1dzQBC2hgFMl4/GJjJ3yLfbKmSQrzdq
+v6wWjEo72NjAPUiRlrHbFnRqhN0yKd1A9HtiOz5CIuY4dxs+pf4YdwJARGxKfRGP
+MqYqKsOe2x4wHn0EH9wQ3fb6AwNWxm4J9v587LZlq8WXXdp+eFuHb8CMp4OGdvX3
+H+5eMXskJS3CkA==
+-----END PRIVATE KEY-----
 }
 
     SERVER_CERT_PRIVATE_KEY_MISMATCHED = %{-----BEGIN RSA PRIVATE KEY-----
diff --git a/tests/aws/requests/iam/server_certificate_tests.rb b/tests/aws/requests/iam/server_certificate_tests.rb
index 229696f67..6f835863d 100644
--- a/tests/aws/requests/iam/server_certificate_tests.rb
+++ b/tests/aws/requests/iam/server_certificate_tests.rb
@@ -24,6 +24,7 @@ Shindo.tests('AWS::IAM | server certificate requests', ['aws']) do
   tests('#upload_server_certificate') do
     public_key  = AWS::IAM::SERVER_CERT_PUBLIC_KEY
     private_key = AWS::IAM::SERVER_CERT_PRIVATE_KEY
+    private_key_pkcs8 = AWS::IAM::SERVER_CERT_PRIVATE_KEY_PKCS8
     private_key_mismatch = AWS::IAM::SERVER_CERT_PRIVATE_KEY_MISMATCHED
 
     tests('empty public key').raises(Fog::AWS::IAM::ValidationError) do
@@ -42,6 +43,10 @@ Shindo.tests('AWS::IAM | server certificate requests', ['aws']) do
       Fog::AWS::IAM.new.upload_server_certificate(public_key, 'abcde', @key_name)
     end
 
+    tests('non-RSA private key').raises(Fog::AWS::IAM::MalformedCertificate) do
+      Fog::AWS::IAM.new.upload_server_certificate(public_key, private_key_pkcs8, @key_name)
+    end
+
     tests('mismatched private key').raises(Fog::AWS::IAM::KeyPairMismatch) do
       Fog::AWS::IAM.new.upload_server_certificate(public_key, private_key_mismatch, @key_name)
     end