diff --git a/.gitignore b/.gitignore
index c47510bd75f62f708afbb18c1179942ec6b9f6c8..514bfbb394a991598b2e58da7a940cd3019912f5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,4 +2,4 @@ bin/
 vendor/
 Gopkg.lock
 .idea/
-
+.project
diff --git a/handler/generate_certificate.go b/handler/generate_certificate.go
index d5ec9a982b5b10773f4de698644909dcd32f81ed..78769906a2e7f1aa90990db9e368087b4c252ad1 100644
--- a/handler/generate_certificate.go
+++ b/handler/generate_certificate.go
@@ -17,24 +17,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
 
 package handler
 
-import (
-	"crypto/rand"
-	"crypto/rsa"
-	"crypto/x509"
-	"crypto/x509/pkix"
-	"encoding/pem"
-	"io/ioutil"
-	"math/big"
-	"time"
-
-	"code.vereign.com/code/viam-apis/data-storage-agent/client"
-	"code.vereign.com/code/viam-apis/key-storage-agent/api"
-	"code.vereign.com/code/viam-apis/utils"
-	"code.vereign.com/code/viam-apis/versions"
-	"golang.org/x/net/context"
-	"encoding/asn1"
-)
-
+/* TODO remove this file
 func (s *KeyStorageServerImpl) GenerateCertificate(ctx context.Context, in *api.GenerateCertificateRequest) (*api.GenerateCertificateResponse, error) {
 	auth := s.CreateAuthentication(ctx)
 
@@ -188,3 +171,4 @@ func readPemBlockFromFile(fileName string) (*pem.Block, error) {
 
 	return certificatePemBlock, nil
 }
+*/
diff --git a/handler/generate_keypair.go b/handler/generate_keypair.go
index aadb6c93a68fbf35fd931ad8747d86bb3a437b32..19f658283c8ab9b10d05a56bfa9d87d535efbbc2 100644
--- a/handler/generate_keypair.go
+++ b/handler/generate_keypair.go
@@ -80,6 +80,14 @@ func (s *KeyStorageServerImpl) GenerateKeyPair(ctx context.Context,
 		generateKeyPairResponse.StatusList = handlePutDataErrors(generateKeyPairResponse.StatusList, errors, err)
 	}
 
+	//duplicate logic of ReserveKeyUUID
+	if generateKeyPairResponse.StatusList == nil || len(generateKeyPairResponse.StatusList) == 0 {
+		emptyKey := &api.Key{Content: []byte{}}
+		result, errors, err = client.DoPutDataCall("keys", uuid+"/"+api.KeyType.String(api.KeyType_CERTIFICATE),
+			emptyKey, versions.EntitiesManagementAgentApiVersion)
+		generateKeyPairResponse.StatusList = handlePutDataErrors(generateKeyPairResponse.StatusList, errors, err)
+	}
+
 	if generateKeyPairResponse.StatusList == nil || len(generateKeyPairResponse.StatusList) == 0 {
 		encryptedAesKeyBytes, err := rsaEncryptWithServerKey(s.VereignCertFilePath, aesKeyBytes, []byte("aeskeys"))
 		if err != nil {
diff --git a/handler/utils.go b/handler/utils.go
index a8e2ba9cceedbef78e3ae13d8c7d2121061eea09..c206e05ce6273d3f1fc2ec19a1532d78e63760d4 100644
--- a/handler/utils.go
+++ b/handler/utils.go
@@ -28,6 +28,8 @@ import (
 	"code.vereign.com/code/viam-apis/key-storage-agent/api"
 	"code.vereign.com/code/viam-apis/utils"
 	"github.com/golang/protobuf/proto"
+	"encoding/pem"
+	"io/ioutil"
 )
 
 func generateUnusedUUID(client *client.DataStorageClientImpl) (string, error) {
@@ -85,6 +87,17 @@ func readCertificateFromFile(fileName string) (*x509.Certificate, error) {
 	return certificate, nil
 }
 
+func readPemBlockFromFile(fileName string) (*pem.Block, error) {
+	fileBytes, err := ioutil.ReadFile(fileName)
+	if err != nil {
+		return nil, err
+	}
+
+	certificatePemBlock, _ := pem.Decode(fileBytes)
+
+	return certificatePemBlock, nil
+}
+
 func getKey(client *client.DataStorageClientImpl, uuid string, keyType api.KeyType) (*api.Key, []*api.Status) {
 	statusList := []*api.Status{}