SSL keypair using the Command Line Interface (CLI) cannot be viewed. The following error is encountered when issuing the view keypair command:

#(config ssl)view keypair keyringname
% Key pair "keyringname" is not allowed to be shown

The private key cannot be shown if "Do not show key pair" was specified during Keyring creation. There is no way to recover the private key on the ProxySG appliance even if the Keyring's password is available.

This behavior is by design; allowing the copying of a Keyring configured to be hidden would be a serious security flaw.