DataPower

Hi All,

I have a requirement to extract a private key file from DataPower gateway since the private key stored locally outside of DP is lost and we need only the specific private key file for a migration activity. I know secure backup will include certificates and keys along with other config files. I want to know if it is possible to extract private key file from secure backup in .pem or .key format and use it to build a p12/pfx file along with matching public certificate to import in APIC CMC?

We don't have HSM feature enabled in DP and also don't want to do secure restore using secure backup since we need only a private key for import.

Files cannot be retrieved from the cert directory as it is an encrypted part of the filesystem, this is intentional in that it is a security feature of the DataPower Gateway.  Secure backup is also an encrypted dataset that you cannot decrypt to obtain the private key, it is a secure way to transfer certificates and private keys between DataPower Gateways, without allowing extraction of the data to an external resource.  You should consider if you do not already to have an off box solution as a certificate/key repository if you need easier access to those files.