Diffstat (limited to 'security-utils/src/main/java/com/yahoo/security/tls/AutoReloadingX509KeyManager.java')
-rw-r--r--security-utils/src/main/java/com/yahoo/security/tls/AutoReloadingX509KeyManager.java10
1 files changed, 9 insertions, 1 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/AutoReloadingX509KeyManager.java b/security-utils/src/main/java/com/yahoo/security/tls/AutoReloadingX509KeyManager.java
index 18764f51dc5..d4e74e22e40 100644
--- a/security-utils/src/main/java/com/yahoo/security/tls/AutoReloadingX509KeyManager.java
+++ b/security-utils/src/main/java/com/yahoo/security/tls/AutoReloadingX509KeyManager.java
@@ -5,19 +5,20 @@ import com.yahoo.security.KeyStoreBuilder;
import com.yahoo.security.KeyStoreType;
import com.yahoo.security.KeyUtils;
import com.yahoo.security.X509CertificateUtils;
+import com.yahoo.security.X509CertificateWithKey;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedKeyManager;
import java.io.IOException;
import java.io.UncheckedIOException;
import java.net.Socket;
-import java.nio.file.Files;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.time.Duration;
+import java.util.Arrays;
import java.util.concurrent.Executors;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;
@@ -59,6 +60,13 @@ public class AutoReloadingX509KeyManager extends X509ExtendedKeyManager implemen
return new AutoReloadingX509KeyManager(privateKeyFile, certificatesFile);
}
+ public X509CertificateWithKey getCurrentCertificateWithKey() {
+ X509ExtendedKeyManager manager = mutableX509KeyManager.currentManager();
+ X509Certificate[] certificateChain = manager.getCertificateChain(CERTIFICATE_ALIAS);
+ PrivateKey privateKey = manager.getPrivateKey(CERTIFICATE_ALIAS);
+ return new X509CertificateWithKey(Arrays.asList(certificateChain), privateKey);
+ }
+
private static KeyStore createKeystore(Path privateKey, Path certificateChain) {
try {
return KeyStoreBuilder.withType(KeyStoreType.PKCS12)
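Review bot: getCurrentCertificateWithKey() is a new public accessor that hands the live PrivateKey to any caller, and it carries no Javadoc describing that contract. I would add a doc comment stating that the result is a point-in-time snapshot read from the current manager, that it is not refreshed when the auto-reloading manager swaps in new key material, and that callers should fetch it per use rather than cache it and should never log or persist the key. Separately, `getCertificateChain` and `getPrivateKey` are specified to return null when the alias is not found, in which case `Arrays.asList(certificateChain)` fails with a bare NullPointerException. If that state is reachable (the keystore setup is only partly visible in this hunk), a guard such as `if (certificateChain == null || privateKey == null) throw new IllegalStateException("No key material for alias " + CERTIFICATE_ALIAS);` would make the failure explicit.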