My experience is only an ASA, but you could try exporting the trustpoint in pkcs12 format, which should contain both the cert and private keys:
crypto ca export trustpoint pkcs12 passphrase
-trustpoint being the trustpoint name
-passphrase being a password you want to use to protect the output with
The ASA should output the base64-encoded pkcs12 file to the terminal screen, and you can copy/paste into notepad. When you want to import back into the same or different firewall just use the 'import' command:
crypto ca import trustpoint pkcs12 passphrase
The trustpoint name doesn't have to be the same as the one you exported. You'll paste in the pkcs12 output you just copied.
I believe if you've deleted the trustpoint you'll also lose the associated keys. Not 100% on that though. You can't recover the keys from the chain cert.
Hope this is what you're looking for.
- James