As mentioned in https://github.com/golang/go/issues/8860, golang doesn't support parsing PKCS#8 encrypted private keys despite it being the default format since OpenSSL 1.0.0. The changes from TOOLS-1948 have dropped support for using OpenSSL 0.9.x in favor of using golang's crypto/tls package.

Converting jstests/libs/password_protected.pem from a PKCS#8 encrypted private key shouldn't cause a loss in test coverage because the JavaScript tests which use jstests/libs/password_protected.pem care only that a password is required and not what mechanism was used for the encryption. There isn't an encrypted private key format that is supported by the mongo shell, the server, and the mongo tools across all platforms.