All I found in KraClient is a KeyClient which role in retriving process is limited to returning some generic "Key" object. I would love some "find usages" that works across group of jars to find out where that recovering is. 
In meantime I refactor PKCS12Export to get that working, but propably it could be done better. Now what is the problem, how to change the "Key" object to some object that implements org.mozzlila.PrivateKey ? I checked all this privatekey classes and any of this had a public constructor or builder with rawdata(byte[]) and mozilla jss documentation sucks.

2015-10-26 18:21 GMT+01:00 John Magne <>:
Take a look in the KRA code, which does this when recovering keys back to the user.

----- Original Message -----
From: "Marcin Mierzejewski" <>
Sent: Saturday, October 24, 2015 10:49:15 AM
Subject: [Pki-users] Export keyPair and certificate to .p12 (private key with certificate) and .der (public key and certificate)

After creation certficate in application I have to return a certificate with private key. That file could be in .p12 format, am I right? Can I found example of create that file in existing code?
there is a PKCS12Export command line tool but it propably works with existing creditentials on nssdatabase. Eventually I can get code from PKCS12Export and make addKeyBag() and few other methods public. Ok soo i have first part.
And second part .der file is the same as certificate.getEncoded() if yes, thats allready done^^

Pki-users mailing list