diff --git a/src/xmlsec/crypto.py b/src/xmlsec/crypto.py
index 1d6350fe..c012edfd 100644
--- a/src/xmlsec/crypto.py
+++ b/src/xmlsec/crypto.py
@@ -130,11 +130,13 @@ def __init__(self, filename, private):
 if not isinstance(self.key, rsa.RSAPrivateKey):
 raise XMLSigException("We don't support non-RSA private keys at the moment.")
- # XXX now we could implement encrypted-PEM-support
- self.cert_pem = self.key.private_bytes(
- encoding=serialization.Encoding.PEM,
- format=serialization.PrivateFormat.PKCS8,
- encryption_algorithm=serialization.NoEncryption())
+ # XXX Do not leak private key -- is there any situation
+ # where we might need this pem?
+ self.cert_pem = None
+ # self.cert_pem = self.key.private_bytes(
+ # encoding=serialization.Encoding.PEM,
+ # format=serialization.PrivateFormat.PKCS8,
+ # encryption_algorithm=serialization.NoEncryption())
 self.keysize = self.key.key_size
 else:
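Review bot: The private-key branch of `__init__` keeps the unencrypted PKCS8 export as commented-out code under an open `XXX` question, so a later uncomment would silently put plaintext key material back into an attribute named `cert_pem`. I would delete the dead lines and state the decision instead, e.g. `# Never serialise the private key; cert_pem is only set for certificates.` followed by `self.cert_pem = None`. Since `cert_pem` can now be `None`, any reader that assumes a PEM string (presumably the code that embeds certificate data into the signature) should be checked for a `None` guard. Those callers and the `else:` branch lie outside this hunk, so this needs confirming against the rest of the file.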