C Driver / CDRIVER-2480

(SSL) Windows Secure Channel doesn't allow a PEM key file that has a password

    • Type: Bug
    • Resolution: Won't Fix
    • Priority: Major - P3
    • Affects Version/s: 1.7.0
    • Component/s: libmongoc, tls
    • Labels: None

      If I compile the C driver with "-DENABLE_SSL=WINDOWS" (Windows Secure Channel), the connection fails if the client PEM key file has a password.
      The error info from the log:
      ****************************************************
      [error@stream-secure-channel] Failed to parse private key. ASN1 bad tag value met.
      (0x8009310B)
      [warning@stream-secure-channel] a client certificate has been requested
      ****************************************************

      Notes:
      1. I created the private key for the PEM file with this command: openssl genrsa -des3 -out server.key 2048, and then entered the password: 1234
      Using mongo.exe, I can connect with the same PEM file and password from my own working computer successfully:
      mongo --host 10.154.10.39 --ssl --authenticationDatabase admin --username user1 -p 123 --sslCAFile d:/ca.pem --sslPEMKeyFile d:/cry.pem --sslPEMKeyPassword 1234
      However, if my program uses the mongocxx driver, it always fails.

      2. If I use the driver compiled with "-DENABLE_SSL=OPENSSL", this issue disappears.

      3. My C++ program source code:
      const auto uri = mongocxx::uri{"mongodb://user1:123@10.154.10.39:27017/?authSource=admin&ssl=true"};
      mongocxx::options::client client_options;
      if (uri.ssl()) {
          mongocxx::options::ssl ssl_options;
          ssl_options.pem_file("d:/cry.pem");
          ssl_options.pem_password("1234");
          ssl_options.ca_file("d:/ca.pem");
          client_options.ssl_opts(ssl_options);
      }

      ....

            Assignee: A. Jesse Jiryu Davis (jesse@mongodb.com)
            Reporter: winnie_quest
            Votes: 0
            Watchers: 3

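
A preflight check for the condition this report describes, added here as an illustration and not code from libmongoc or from the reporter: it classifies the private-key block in PEM text so a passphrase-protected key can be flagged before the file is handed to a driver built with -DENABLE_SSL=WINDOWS. The name classify_pem_key and the sample PEM text are hypothetical; the two markers it looks for are the ones OpenSSL writes for encrypted keys (the "Proc-Type: 4,ENCRYPTED" header of the traditional format and the "ENCRYPTED PRIVATE KEY" label of PKCS#8).

```c
#include <stdio.h>
#include <string.h>
typedef enum { PEM_KEY_NONE, PEM_KEY_PLAIN,
               PEM_KEY_ENC_TRADITIONAL, /* Proc-Type: 4,ENCRYPTED header */
               PEM_KEY_ENC_PKCS8        /* BEGIN ENCRYPTED PRIVATE KEY */
} pem_key_kind;

/* Hypothetical helper (not a libmongoc API): classify the first private-key block. */
pem_key_kind classify_pem_key(const char *pem)
{
    const char *p = pem;
    while ((p = strstr(p, "-----BEGIN ")) != NULL) {
        const char *label = p + 11;              /* skip "-----BEGIN " */
        const char *label_end = strstr(label, "-----");
        if (!label_end) break;
        size_t n = (size_t)(label_end - label);
        p = label_end + 5;
        /* Skip certificates and other blocks that are not private keys. */
        if (n < 11 || strncmp(label_end - 11, "PRIVATE KEY", 11) != 0)
            continue;
        if (n == 21 && strncmp(label, "ENCRYPTED PRIVATE KEY", 21) == 0)
            return PEM_KEY_ENC_PKCS8;
        /* Traditional format declares encryption in a header before the base64 body. */
        const char *end = strstr(p, "-----END ");
        const char *hdr = strstr(p, "Proc-Type:");
        if (hdr && (!end || hdr < end)) {
            size_t len = strcspn(hdr, "\r\n");
            const char *enc = strstr(hdr, "ENCRYPTED");
            if (enc && enc < hdr + len) return PEM_KEY_ENC_TRADITIONAL;
        }
        return PEM_KEY_PLAIN;
    }
    return PEM_KEY_NONE;
}

/* Constructed sample: certificate plus passphrase-protected key, bodies are dummies. */
static const char SAMPLE[] =
    "-----BEGIN CERTIFICATE-----\nAAAA\n-----END CERTIFICATE-----\n"
    "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
    "DEK-Info: DES-EDE3-CBC,0000000000000000\n\nAAAA\n"
    "-----END RSA PRIVATE KEY-----\n";

int main(void)
{
    pem_key_kind k = classify_pem_key(SAMPLE);
    printf("encrypted key: %s\n", k >= PEM_KEY_ENC_TRADITIONAL ? "yes" : "no");
    return 0;
}
```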