I have had my fair share of banging my head bloody against the computer screen ... trying to re-learn keytool & openssl syntax, again! It takes 1 month to remind myself of all the caveats and for another month I enjoy expert status. Then the vicious cycle begins again where I don't need to use them and the 10 month hibernation strips away my facilities from me. That's my year right there .... happy new year? I think not!
So what's on my wish list?
-
Establish a 3 letter extension syntax to honor what's what for public/private keypair based security. It is far too loose today and makes the creation of tooling more challenging than it needs to be.
- Public/Private Keypairs: should at least end with pem or der
- filename.pem
- filename.der
- Certificate Signing Requests: should end with csr
- filename.csr
- Keystores should clearly define their own format
- filename.jks
- Public/Private Keypairs: should at least end with pem or der
- Tools or widgets or plugins ... something should be available which makes life easier by allowing the user to right-click a file and take any valid action supported by openssl or keytool.
-
Portecle: is a user friendly GUI application for creating, managing and examining key stores, keys, certificates, certificate requests, certificate revocation lists and more.
- Wrapping Portecle with Jar Bundler works well for mac. And if you need to run it as root, you can use "sudo open portecle.app" to launch it.
- KeyStore Explorer: is a free GUI replacement for the Java command-line utilities keytool, jarsigner and jadtool. KeyStore Explorer presents their functionality, and more, via an intuitive graphical user interface
0 comments:
Post a Comment