diff --git a/formats.go b/formats.go
index bd8ca1f..96bd73a 100644
--- a/formats.go
+++ b/formats.go
@@ -124,6 +124,40 @@ func writeCertificateBundleFile(filename string, data map[string]interface{}, mo
 return nil
 }

+func writeKeyCertificateBundleFile(filename string, data map[string]interface{}, mode os.FileMode) error {
+ bundleFile := fmt.Sprintf("%s-bundle.pem", filename)
+ keyFile := fmt.Sprintf("%s-key.pem", filename)
+ caFile := fmt.Sprintf("%s-ca.pem", filename)
+ certFile := fmt.Sprintf("%s.pem", filename)
+
+ bundle := fmt.Sprintf("%s\n%s", data["private_key"], data["certificate"])
+ key := fmt.Sprintf("%s\n", data["private_key"])
+ ca := fmt.Sprintf("%s\n", data["issuing_ca"])
+ certificate := fmt.Sprintf("%s\n", data["certificate"])
+
+ if err := writeFile(bundleFile, []byte(bundle), mode); err != nil {
+ glog.Errorf("failed to write the bundled certificate file, error: %s", err)
+ return err
+ }
+
+ if err := writeFile(certFile, []byte(certificate), mode); err != nil {
+ glog.Errorf("failed to write the certificate file, errro: %s", err)
+ return err
+ }
+
+ if err := writeFile(caFile, []byte(ca), mode); err != nil {
+ glog.Errorf("failed to write the ca file, errro: %s", err)
+ return err
+ }
+
+ if err := writeFile(keyFile, []byte(key), mode); err != nil {
+ glog.Errorf("failed to write the key file, errro: %s", err)
+ return err
+ }
+
+ return nil
+}
+
 func writeTxtFile(filename string, data map[string]interface{}, mode os.FileMode) error {
 keys := getKeys(data)
 if len(keys) > 1 {
diff --git a/utils.go b/utils.go
index 91a4736..d3986f6 100644
--- a/utils.go
+++ b/utils.go
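Review bot: The private key in `writeKeyCertificateBundleFile` is written with the same caller-supplied `mode` as the public certificate and CA files, so a resource configured with a group- or world-readable mode would expose `bundleFile` and `keyFile` as well; how `writeFile` applies the mode is outside this hunk and worth confirming. I would clamp the mode for the two key-bearing files, e.g. `keyMode := mode &^ 0077`, and pass `keyMode` to the `writeFile` calls for `bundleFile` and `keyFile`. Separately, `data["private_key"]`, `data["certificate"]` and `data["issuing_ca"]` are formatted with `%s` without a presence check, and `fmt` renders a nil interface as `%!s(<nil>)`, so a response missing a field would be written to disk as that placeholder instead of failing; a `.(string)` assertion with an error return before the first write would catch it. The four writes are also not atomic, so a failure part-way through leaves some of the files behind, and the bundle holding the key is the first one written.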
@@ -191,6 +191,8 @@ func processResource(rn *VaultResource, data map[string]interface{}) (err error)
 err = writeTxtFile(filename, data, rn.fileMode)
 case "bundle":
 err = writeCertificateBundleFile(filename, data, rn.fileMode)
+ case "key-cert-bundle":
+ err = writeKeyCertificateBundleFile(filename, data, rn.fileMode)
 default:
 return fmt.Errorf("unknown output format: %s", rn.format)
 }
diff --git a/vault_resource.go b/vault_resource.go
index 8ad2fa6..f936217 100644
--- a/vault_resource.go
+++ b/vault_resource.go
@@ -57,7 +57,7 @@ const (
 )
 var (
- resourceFormatRegex = regexp.MustCompile("^(yaml|yml|json|env|ini|txt|cert|bundle|csv)$")
+ resourceFormatRegex = regexp.MustCompile("^(yaml|yml|json|env|ini|txt|cert|bundle|key-cert-bundle|csv)$")
 // a map of valid resource to retrieve from vault
 validResources = map[string]bool{