diff --git a/epan/dissectors/packet-ssl.c b/epan/dissectors/packet-ssl.c
index ad14ca4340..d827db4ef9 100644
--- a/epan/dissectors/packet-ssl.c
+++ b/epan/dissectors/packet-ssl.c
@@ -413,10 +413,11 @@ ssl_parse_old_keys(void)
     if (ssldecrypt_uat && ssl_keys_list && ssl_keys_list[0]) {
         old_keys = wmem_strsplit(NULL, ssl_keys_list, ";", 0);
         for (i = 0; old_keys[i] != NULL; i++) {
-            parts = wmem_strsplit(NULL, old_keys[i], ",", 4);
+            parts = wmem_strsplit(NULL, old_keys[i], ",", 5);
             if (parts[0] && parts[1] && parts[2] && parts[3]) {
-                uat_entry = wmem_strdup_printf(NULL, "\"%s\",\"%s\",\"%s\",\"%s\",\"\"",
-                                parts[0], parts[1], parts[2], parts[3]);
+                const gchar *password = parts[4] ? parts[4] : "";
+                uat_entry = wmem_strdup_printf(NULL, "\"%s\",\"%s\",\"%s\",\"%s\",\"%s\"",
+                                parts[0], parts[1], parts[2], parts[3], password);
                 if (!uat_load_str(ssldecrypt_uat, uat_entry, &err)) {
                     ssl_debug_printf("ssl_parse_old_keys: Can't load UAT string %s: %s\n",
                                      uat_entry, err);
diff --git a/test/captures/dmgr.pcapng b/test/captures/dmgr.pcapng
new file mode 100755
index 0000000000..10eb29d4b8
Binary files /dev/null and b/test/captures/dmgr.pcapng differ
diff --git a/test/keys/key.p12 b/test/keys/key.p12
new file mode 100755
index 0000000000..43a66ddf9e
Binary files /dev/null and b/test/keys/key.p12 differ
diff --git a/test/suite-decryption.sh b/test/suite-decryption.sh
index 936dbef244..880899538b 100755
--- a/test/suite-decryption.sh
+++ b/test/suite-decryption.sh
@@ -119,6 +119,20 @@ decryption_step_ssl() {
 	test_step_ok
 }
 
+# SSL, using the server's private key with password
+decryption_step_ssl_with_password() {
+	$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS -Tfields -e http.request.uri \
+		-o "ssl.keys_list: 127.0.0.1,9131,http,$TEST_KEYS_DIR/key.p12,WebAS" \
+		-r "$CAPTURE_DIR/dmgr.pcapng" -Y http \
+		| grep unsecureLogon.jsp > /dev/null 2>&1
+	RETURNVALUE=$?
+	if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
+		test_step_failed "Failed to decrypt SSL using the server's private key with password"
+		return
+	fi
+	test_step_ok
+}
+
 # SSL, using the master secret
 decryption_step_ssl_master_secret() {
 	$TESTS_DIR/run_and_catch_crashes env $TS_DC_ENV $TSHARK $TS_DC_ARGS -Tfields -e http.request.uri \
@@ -233,6 +247,7 @@ tshark_decryption_suite() {
 	test_step_add "IEEE 802.11 WPA EAP Decryption" decryption_step_80211_wpa_eap
 	test_step_add "DTLS Decryption" decryption_step_dtls
 	test_step_add "SSL Decryption (private key)" decryption_step_ssl
+	test_step_add "SSL Decryption (private key with password)" decryption_step_ssl_with_password
 	test_step_add "SSL Decryption (master secret)" decryption_step_ssl_master_secret
 	test_step_add "ZigBee Decryption" decryption_step_zigbee
 	test_step_add "ANSI C12.22 Decryption" decryption_step_c1222