diff --git a/src/sniffer.c b/src/sniffer.c
index e4d0210ed..d89039624 100644
--- a/src/sniffer.c
+++ b/src/sniffer.c
@@ -4148,10 +4148,39 @@ int ssl_SetWatchKeyCtx(void* ctx, char* error)
 }
 
 
-int ssl_SetWatchKey(void* vSniffer, const char* keyFile, int keyType,
- const char* password, char* error)
+int ssl_SetWatchKey_buffer(void* vSniffer, const byte* key, word32 keySz,
+ int keyType, char* error)
 {
 SnifferSession* sniffer;
+ int ret;
+
+ if (vSniffer == NULL) {
+ return -1;
+ }
+ if (key == NULL || keySz == 0) {
+ return -1;
+ }
+
+ sniffer = (SnifferSession*)vSniffer;
+ /* Remap the keyType from what the user can use to
+ * what wolfSSL_use_PrivateKey_buffer expects. */
+ keyType = (keyType == FILETYPE_PEM) ? WOLFSSL_FILETYPE_PEM :
+ WOLFSSL_FILETYPE_ASN1;
+
+ ret = wolfSSL_use_PrivateKey_buffer(sniffer->sslServer,
+ key, keySz, keyType);
+ if (ret != WOLFSSL_SUCCESS) {
+ SetError(KEY_FILE_STR, error, sniffer, FATAL_ERROR_STATE);
+ return -1;
+ }
+
+ return 0;
+}
+
+
+int ssl_SetWatchKey_file(void* vSniffer, const char* keyFile, int keyType,
+ const char* password, char* error)
+{
 byte* keyBuf = NULL;
 word32 keyBufSz = 0;
 int ret;
@@ -4163,7 +4192,6 @@ int ssl_SetWatchKey(void* vSniffer, const char* keyFile, int keyType,
 return -1;
 }
 
- sniffer = (SnifferSession*)vSniffer;
 /* Remap the keyType from what the user can use to
 * what LoadKeyFile expects. */
 keyType = (keyType == FILETYPE_PEM) ? WOLFSSL_FILETYPE_PEM :
@@ -4176,15 +4204,11 @@ int ssl_SetWatchKey(void* vSniffer, const char* keyFile, int keyType,
 return -1;
 }
 
- ret = wolfSSL_use_PrivateKey_buffer(sniffer->sslServer,
- keyBuf, keyBufSz, WOLFSSL_FILETYPE_ASN1);
- if (ret != WOLFSSL_SUCCESS) {
- SetError(KEY_FILE_STR, error, sniffer, FATAL_ERROR_STATE);
- free(keyBuf);
- return -1;
- }
+ ret = ssl_SetWatchKey_buffer(vSniffer, keyBuf, keyBufSz, FILETYPE_DER,
+ error);
+ free(keyBuf);
 
- return 0;
+ return ret;
 }
 
 #endif /* WOLFSSL_SNIFFER_WATCH */
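Review bot: The two early `return -1;` paths in `ssl_SetWatchKey_buffer` (NULL `vSniffer`, NULL or empty `key`) leave `error` untouched, while the `wolfSSL_use_PrivateKey_buffer` failure path fills it through `SetError`. A watch callback that reports `error` whenever it sees -1 may therefore print stale or unset text. This is also a new public entry point that takes raw private-key bytes, and it has no header comment. I would add one above the definition, e.g. `/* Load the watched session's private key from memory. keyType is FILETYPE_PEM; any other value is parsed as DER. error is written only when wolfSSL rejects the key. */`. It should also say whether the caller may wipe and free `key` as soon as the call returns; that presumably holds if wolfSSL copies the buffer, but it should be confirmed.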
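Review bot: The consolidated `free(keyBuf);` in `ssl_SetWatchKey_file` releases the decoded private key without wiping it, so the key bytes remain in freed heap memory and can surface in a later allocation or a core dump. Now that success and failure share this single release point, one added line covers both: `ForceZero(keyBuf, keyBufSz);` immediately before `free(keyBuf);`. `ForceZero` is wolfCrypt's wipe helper from misc.c; confirm it is already pulled into this file. The function body starts in an earlier hunk and the call that fills `keyBuf` is not visible here, so the allocator pairing with `free` is assumed from the removed lines.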
diff --git a/sslSniffer/sslSnifferTest/snifftest.c b/sslSniffer/sslSnifferTest/snifftest.c index 1e5e9c118..e2e7495d1 100644 --- a/sslSniffer/sslSnifferTest/snifftest.c +++ b/sslSniffer/sslSnifferTest/snifftest.c @@ -208,7 +208,7 @@ static int myWatchCb(void* vSniffer, if (certName == NULL) return -1; - return ssl_SetWatchKey(vSniffer, certName, FILETYPE_PEM, NULL, error); + return ssl_SetWatchKey_file(vSniffer, certName, FILETYPE_PEM, NULL, error); } #endif diff --git a/wolfssl/sniffer.h b/wolfssl/sniffer.h index 090fdd9be..496b01345 100644 --- a/wolfssl/sniffer.h +++ b/wolfssl/sniffer.h @@ -179,7 +179,12 @@ WOLFSSL_API SSL_SNIFFER_API int ssl_SetWatchKeyCtx(void* ctx, char* error); WOLFSSL_API -SSL_SNIFFER_API int ssl_SetWatchKey(void* vSniffer, +SSL_SNIFFER_API int ssl_SetWatchKey_buffer(void* vSniffer, + const unsigned char* key, unsigned int keySz, + int keyType, char* error); + +WOLFSSL_API +SSL_SNIFFER_API int ssl_SetWatchKey_file(void* vSniffer, const char* keyFile, int keyType, const char* password, char* error);
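Review bot: In wolfssl/sniffer.h the `ssl_SetWatchKey` prototype is replaced by `ssl_SetWatchKey_file` with no alias left behind, so applications built against the previous header stop compiling or linking although the file-loading behaviour is unchanged. If that break is not intended, keep the old name available after the new prototype, e.g. `#define ssl_SetWatchKey ssl_SetWatchKey_file`. If it is intended, it deserves a line in the release notes, since the only caller updated in this commit is the bundled snifftest.c.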