SSL keypair using the Command Line Interface (CLI) cannot be viewed. The following error is encountered when issuing the view keypair command:
#(config ssl)view keypair keyringname % Key pair "keyringname" is not allowed to be shown
The private key cannot be shown if "Do not show key pair" was specified during Keyring creation. There is no way to recover the private key on the ProxySG appliance even if the Keyring's password is available.
This behavior is by design; allowing the copying of a Keyring configured to be hidden would be a serious security flaw.
Imported Document ID: 000008344
Subscribing will provide email updates when this Article is updated. Login is required.