Stephan,
Okay I've figured out where the problem is. The movement between versions is fine and I have just tested it. The problem is by using the value in the /restman/1.0/privateKeys output that may look like below you are only seeing the public certificate not the whole private key.
.....<l7:Error xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">
<l7:Type>ResourceAccess</l7:Type>
<l7:TimeStamp>2016-12-23T09:49:24.625-08:00</l7:TimeStamp>
<l7:Link rel="self" uri="https://hugst05-ssg91.ca.com:9443/restman/1.0/privateKeys/00000000000000000000000000000002:vis/import"/>
<l7:Detail>Unable to read KeyStore: org.bouncycastle.asn1.DERSequence cannot be cast to org.bouncycastle.asn1.DERInteger. Caused by: org.bouncycastle.asn1.DERSequence cannot be cast to org.bouncycastle.asn1.DERInteger</l7:Detail>
</l7:Error>
.....
So the error that you saw I can duplicate:
If you use the certificate data from the /restman/1.0/privateKeys output
<l7:Error xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">
<l7:Type>ResourceAccess</l7:Type>
<l7:TimeStamp>2016-12-23T09:49:24.625-08:00</l7:TimeStamp>
<l7:Link rel="self" uri="https://hugst05-ssg91.ca.com:9443/restman/1.0/privateKeys/00000000000000000000000000000002:vis/import"/>
<l7:Detail>Unable to read KeyStore: org.bouncycastle.asn1.DERSequence cannot be cast to org.bouncycastle.asn1.DERInteger. Caused by: org.bouncycastle.asn1.DERSequence cannot be cast to org.bouncycastle.asn1.DERInteger</l7:Detail>
</l7:Error>
/restman/1.0/privateKeys/00000000000000000000000000000002:vis/export
To do this so that the private key and public keys are pulled you need to run do the following:
1) Inbound Request
URI = /restman/1.0/privateKeys/00000000000000000000000000000002:vis/export
HTTP Method = PUT
Request message:
<l7:PrivateKeyExportContext xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">
<l7:Password>7layer]</l7:Password>
</l7:PrivateKeyExportContext>
2) Extract the Pkcs12Data element from the response:
<l7:Item xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">
<l7:Name>00000000000000000000000000000002:vis Export</l7:Name>
<l7:Id>00000000000000000000000000000002:vis</l7:Id>
<l7:Type>PrivateKeyExportResult</l7:Type>
<l7:TimeStamp>2016-12-23T09:43:26.440-08:00</l7:TimeStamp>
<l7:Link rel="self" uri="https://hugst05-ssg83.ca.com:9443/restman/1.0/privateKeys/00000000000000000000000000000002:vis/export"/>
<l7:Link rel="privateKey" uri="https://hugst05-ssg83.ca.com:9443/restman/1.0/privateKeys/00000000000000000000000000000002:vis"/>
<l7:Resource>
<l7:PrivateKeyExportResult>
<l7:Pkcs12Data>MIACAQMwgAYJKoZIhvcNAQcBoIAkgASCA+gwgDCABgkqhkiG9w0BBwGggCSABIID6DCCBU0wggVJBgsqhkiG9w0BDAoBAqCCBPowggT2MCgGCiqGSIb3DQEMAQMwGgQUzHKJJh8CbEkwXk/9OVC12YSJ1LkCAgQABIIEyCmajZyOh+KAvM07dFH+dylBZt3bGaG4hc6KSENmB3myPTfCvGTbYnGYpltuW8yfJsCQxtNyq8mdX+UvA6T3GmTC7NFqy+Jsknf2IWyLsFO0+GbPjOCEFbqNLTVFFgZFwE7ultt4Bw9yXLa6omwxu+n+gGjm1xn8CKUi2eZkxi4gzPI+VnHHx945cqgTWc8txszxVwOBqN36wnSe65KVnyxzL1AEHjIj7i5g6MjM8rQ55CPBqcGfty38yzCtPH5bkDlYSKXe1sP2YA6ZtBovQvNTqE8U2BEQeWFun3U0Io7dqoj0/U4I1uqAsSKVimBUVWD73NhnNDQvKqz+gl44p+iTXvVkJ6ao8RzNE6q4RkHLPYtB/KGQCpXJ/REl+NHEjy7fRUcfFRSups4dRJBnBK0qpxK+KtmM55HJAX4qSfxIUBuf8+Z79fzYg1gujaaz9a1z+wOJtBR5FFhDhEp8krLHKSwkhMERjAt4S2bNkc9F7yQ834dxkRVkUMmFCyQ6D0v0tPyngYK7s/xzjihvLOjfwDDuqo0TEdAHUOr6tRNPKv1bU5ON0wT19/o9dsde60mkNdOezkIpvCY6QdVLGlaXS8Vscr3tJj85htk//zBZFRGnyrMUxj93z0cyzXrTS5mxwYmILQVPnwtJBKPg6B+aaiu9WTbBemmpu69yTV6Ssu9+D0JrkSegczq3hefOlfA0hiyJ2kQ+qcvomkBW8vTE1pfrpm//wl5dNOb9SFNcNdS3GcAk1wvhEGrp9WgqOKws6ovy5RW1tM+haQVRouUQzmIEfDEr4vvHYIwfuLv9JbzqGSBh6corNJFNaLCdplqaS9OWv82hDlmZUgMVvfqogZnMLU85/V4wlw1fRUpVdpA4Pi7nVLBesXpQg0vRaYpl7g29TLBOH0GOpkNijbx9czsARNa2Kuh7LKXizg38ntUb+bst64HAItVloEphylUASOybDry5Rfqz9nLrntdQb2qSEN0Y9p+HJxdaWiXSvDTCyx8m0axuIxfRrCd8QLImLDIneZCNNZ1S5Aqumfx8Az/tfoy6fX23HGQQXUOBQMbzt5d9dedWvU/WP5QI1Gv5pyYBIRNvp2mHllO2yj1P9SLj7tznlVLDbzYtgCgoQr72LjCKVNkkLN+xxhv7Lo8eul54RpBcON6jo2doBC/gJKdPsGq5Ii1VnNR2uM3R5onq+14aBIID6EEfHXPVqdGgQ/19gEw7D5wrZ1HR7HvBBIIBaUsIJE+KZutxGdGTm6+KAn3fPGfvRiJZAzSs7SLZg5e+EoSTYCHsrPDMAmgAgllX2WjaNv1TMGO6jFhKqMRWtjiSl3Dwjvi8l4yuPsOEgSAg3MC8zxQVWeKrD6MnEzS7npYlC2OCfkoBxRc7mFLlH/6gUwxobnNTplxa+CpQ1pkYklgq4jvHJy3XeXIgFAbDFCIEaHShq5zSdhUDt9KWbJJjPyBPustBpTdJM92W9FhN+TAT6WrxGFl4+msQlwuTBQ7hPclRk/FT6SNuWepdxJw3tQLqL7nvvetL7RxFLd+wr1/31axjgyv/mmMDCvoLuXWfXEbWXZ9mFD4ND8G0w+rOzVcDaZOPQl1ivIhbAXIP1DnOdQyo2ieS0CwhLub1V5QgufFMXC2r8WLbMTwwFQYJKoZIhvcNAQkUMQgeBgB2AGkAczAjBgkqhkiG9w0BCRUxFgQUzbU2AuQjpu6bX8Dlp8Mi1mM/DQ8AAAAAAAAwgAYJKoZIhvcNAQcGoIAwgAIBADCABgkqhkiG9w0BBwEwKAYKKoZIhvcNAQwBBjAaBBSnVJf7kvCpR4ocBPtttOqIC0dO0gICBACggASCA1iFpEgte9Ai05l85IPzk4/FfptqBy7nx4kH2kkmLPSOlbXZ1+a90SpqJDxqwc3WKZyEcyugi9lipLjDn/ZC9JwmDuYphEJ7GeK1RiNfyQKQpJ8NbczXPjbPJnJlfYW/zo+zOm4J+Kh+ccNaBok4jOaR86ug1V73NKazldBOMd/NAjVtppQZSEuL47GOswN/iZNLeUqrKsaxf3lghGLSyitw46AlzHYXu0DM8k6RkrGlDGa1WPxhQh7ni4ExNJklnPsHATm878wJbSoeC5zo31IaNvFKac63rDl8M8/9NR2Yt/L6FzQ0ZxNPD9rpNO0kTLF5gdGxuzk0vvZ1gWXhZaBQr0fRe3f+LtjY3mgqZgdU/uq7ESUn+Ch1qoVHeJDSjsNZk8g6EXkrHHe3r+aEHcaEGt6p1jbcv4+8iMcI5LU8fYKBYLsbLLqnzKah+g8bhCLZQVi+oc+HGiewMocQ/IO23H1XMb4aJOEqnqaRmcWgB2Yux8TUKolFgZ7Y49btCeME2UzPfecnujSMAvQHhtLua3GILxm0OreSg89LjnJc8noi+bVxlzy+ObcqfhiwkolOv/OhqGH/kEbfKMxZt4C0b2kURygYbr7CMhoeTyacBJMBIjJirBBrtb2pPNEkxovP763ruxzNe1dyLfDEkTyxxbAP2k6BdwVrbjy7L3/nkogge/N7iAZ7i+mz67YEggFX49tBTGpR6OwkY62o2tMCPy24M0kIcpbQgO083Hi5Jf9QOC7+FoHXcdj2LYHY2c9OmCTgmG+yHu9/trtECpHMeNq7RTHA4bMTK74sBxz6ZZnZPVGVti4KsBX+CwEkZRph/T4OcGeAltLnmQgi7g3Vu7OuiZRH6aFLz6W/zqlahfKaVs6S2Wuba3pnX4pLNrt/pjSmIx9IVFIQPg/uRJGw+1V/yC9Xr15peURcOqKg4oTkkb/3K9FKdFBVquQ4JMuqI5yZzHV4moK5U2Vj0WHptZFn9eiYBfphTL1tWPcg0Qd+dgeU4ErcQu9Wzpjg2HDN5UmUzSPAuZ2xNvABnWayluCwBe+lHJW6zffon2z96q0/U+LGsz0ji1sHudcRkY6vTuaQjyl0VXignU3zcw5xldGopU2g2GYFecQduskLoc6a676vKAR4X+ly2wAAAAAAAAAAAAAAAAAAAAAAADA9MCEwCQYFKw4DAhoFAAQUYzPyzqMz54ommIKgUyQXIvzHI/0EFPyhIbGXOmginnMAZHCCWOie297eAgIEAAAA</l7:Pkcs12Data>
</l7:PrivateKeyExportResult>
</l7:Resource>
</l7:Item>
3) Import the private key using the following:
URI = /restman/1.0/privateKeys/00000000000000000000000000000002:vis/import
HTTP Method = POST
Request message:
<l7:PrivateKeyImportContext xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">
<l7:Pkcs12Data>MIIC4TCCAcmgAwIBAgIJANxuJJkHSJDQMA0GCSqGSIb3DQEBDAUAMA4xDDAKBgNVBAMTA3ZpczAeFw0xNjEyMjMxNjM1MThaFw0yMTEyMjIxNjM1MThaMA4xDDAKBgNVBAMTA3ZpczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAISHYmkg1/+WezyMLw3m9VrHGZf+t7HWUGUgcXEQLL84PBuAe7zLuKzAqAb83BzGrbODf/rYZboD70dyTJz8x4n3DjhZjMmLYR140Kwohr2eD0Dy9nu16Og9RKC6ccob8Do17puHivrZ6jQ6B3167VCeEs9nMITdxCOziDSXQSgNMQMnCIs3NLjvGlH1JBDUzfjg39Dr+LdBH9l7ZGVRilIVNrPY3cUJsZFHeO1bkT+as4wz0Rh9kNbGRNioXblr//h1GcRZtWLv1YUXEAFu7AP/CgEgf8X8iRLsF7ySJbNrhS9DWH/dgED9jhkK8nHMimPNdaPVeibYOjMGQJdXF8kCAwEAAaNCMEAwHQYDVR0OBBYEFM21NgLkI6bum1/A5afDItZjPw0PMB8GA1UdIwQYMBaAFM21NgLkI6bum1/A5afDItZjPw0PMA0GCSqGSIb3DQEBDAUAA4IBAQAn2CZjgkKCMRUSS69H293kwFuCyAZAmcGUgFqykQf3HaF211otVuu9tn00gnYEVP0x4yBoNU8PteLeYta+7AMsndJh/hIX2z0gKtLSsIcpc7nVsjiM7lZL+UpMC0pKKkfx8CDE6xvlJa6cz1nUqkG9HyeKJRxIZjg6m5JSwSCZGUlfw3EWSCWElYjV+PpOjL9jgaBcTkzoQsdzAYG65tZ1d5ctESpR16RCYgEeCjyqkLLnyGgaztzPvqYk/KCEDa+3z5PmObcyiHRPtsis9U+g7WGUA+TOpdIHELNRJ2dp7mm0aebYazWUmteDgUXqu5OHboUPx+z+OzYSa3e7ftrD</l7:Pkcs12Data>
<l7:Password>7layer]</l7:Password>
</l7:PrivateKeyImportContext>
If you use the wrong password for the export in the import statement you will see:
<l7:Error xmlns:l7="http://ns.l7tech.com/2010/04/gateway-management">
<l7:Type>ResourceAccess</l7:Type>
<l7:TimeStamp>2016-12-23T09:47:25.400-08:00</l7:TimeStamp>
<l7:Link rel="self" uri="https://hugst05-ssg91.ca.com:9443/restman/1.0/privateKeys/00000000000000000000000000000002:vis/import"/>
<l7:Detail>PKCS12 key store mac invalid - wrong password or corrupted file.</l7:Detail>
</l7:Error>
Sincerely,
Stephen Hughes
Director, CA Support