Re: [Pki-users] Export keyPair and certificate to .p12 (private key with certificate) and .der (public key and certificate)

Look in RecoveryService.java , method something like createPFX if still want to pursue that angle. As for the PrivateKeyObject I will have to look around to refresh memory, but have tried casting? ----- Original Message ----- > From: "Marcin Mierzejewski" <marcinmierzejewski1024(a)gmail.com <javascript:;>> > To: "John Magne" <jmagne(a)redhat.com <javascript:;>> > Cc: pki-users(a)redhat.com <javascript:;> > Sent: Monday, 26 October, 2015 10:40:53 AM > Subject: Re: [Pki-users] Export keyPair and certificate to .p12 (private key with certificate) and .der (public key > and certificate) > > All I found in KraClient is a KeyClient which role in retriving process is > limited to returning some generic "Key" object. I would love some "find > usages" that works across group of jars to find out where that recovering > is. > In meantime I refactor PKCS12Export to get that working, but propably it > could be done better. Now what is the problem, how to change the "Key" > object to some object that implements org.mozzlila.PrivateKey ? I checked > all this privatekey classes and any of this had a public constructor or > builder with rawdata(byte[]) and mozilla jss documentation sucks. > > > > 2015-10-26 18:21 GMT+01:00 John Magne <jmagne(a)redhat.com <javascript:;> >: > > > Take a look in the KRA code, which does this when recovering keys back to > > the user. > > > > ----- Original Message ----- > > From: "Marcin Mierzejewski" <marcinmierzejewski1024(a)gmail.com <javascript:;>> > > To: pki-users(a)redhat.com <javascript:;> > > Sent: Saturday, October 24, 2015 10:49:15 AM > > Subject: [Pki-users] Export keyPair and certificate to .p12 (private key > > with certificate) and .der (public key and certificate) > > > > After creation certficate in application I have to return a certificate > > with private key. That file could be in .p12 format, am I right? Can I > > found example of create that file in existing code? > > there is a PKCS12Export command line tool but it propably works with > > existing creditentials on nssdatabase. Eventually I can get code from > > PKCS12Export and make addKeyBag() and few other methods public. Ok soo i > > have first part. > > And second part .der file is the same as certificate.getEncoded() if yes, > > thats allready done^^ > > > > _______________________________________________ > > Pki-users mailing list > > Pki-users(a)redhat.com <javascript:;> > > https://www.redhat.com/mailman/listinfo/pki-users > > >