Yeah, the error is hugely misleading. What you're doing is fine; just remove the header from the PEM file so that it begins with -----BEGIN PRIVATE KEY-----
, or run the following command over it:
openssl pkcs8 -nocrypt -in privatekey.pem -passin pass:notasecret -topk8 -out pk.pem