Look in RecoveryService.java , method something like createPFX if still want to pursue
that angle.
As for the PrivateKeyObject I will have to look around to refresh memory, but have tried
casting?
----- Original Message -----
From: "Marcin Mierzejewski"
<marcinmierzejewski1024(a)gmail.com>
To: "John Magne" <jmagne(a)redhat.com>
Cc: pki-users(a)redhat.com
Sent: Monday, 26 October, 2015 10:40:53 AM
Subject: Re: [Pki-users] Export keyPair and certificate to .p12 (private key with
certificate) and .der (public key
and certificate)
All I found in KraClient is a KeyClient which role in retriving process is
limited to returning some generic "Key" object. I would love some "find
usages" that works across group of jars to find out where that recovering
is.
In meantime I refactor PKCS12Export to get that working, but propably it
could be done better. Now what is the problem, how to change the "Key"
object to some object that implements org.mozzlila.PrivateKey ? I checked
all this privatekey classes and any of this had a public constructor or
builder with rawdata(byte[]) and mozilla jss documentation sucks.
2015-10-26 18:21 GMT+01:00 John Magne <jmagne(a)redhat.com>:
> Take a look in the KRA code, which does this when recovering keys back to
> the user.
>
> ----- Original Message -----
> From: "Marcin Mierzejewski" <marcinmierzejewski1024(a)gmail.com>
> To: pki-users(a)redhat.com
> Sent: Saturday, October 24, 2015 10:49:15 AM
> Subject: [Pki-users] Export keyPair and certificate to .p12 (private key
> with certificate) and .der (public key and certificate)
>
> After creation certficate in application I have to return a certificate
> with private key. That file could be in .p12 format, am I right? Can I
> found example of create that file in existing code?
> there is a PKCS12Export command line tool but it propably works with
> existing creditentials on nssdatabase. Eventually I can get code from
> PKCS12Export and make addKeyBag() and few other methods public. Ok soo i
> have first part.
> And second part .der file is the same as certificate.getEncoded() if yes,
> thats allready done^^
>
> _______________________________________________
> Pki-users mailing list
> Pki-users(a)redhat.com
>
https://www.redhat.com/mailman/listinfo/pki-users
>