Sunday, March 6, 2011

Wish List: Integrate openssl and/or keytool funtionality into Windows Right-Click context menu

Techies have it real good. So much that we need is already out there in the world and to top it all off there's Google so that we may find what we need! Yet, sometimes I come across problems that make me wonder: "Do we really have it all?"

I have had my fair share of banging my head bloody against the computer screen ... trying to re-learn keytool & openssl syntax, again! It takes 1 month to remind myself of all the caveats and for another month I enjoy expert status. Then the vicious cycle begins again where I don't need to use them and the 10 month hibernation strips away my facilities from me. That's my year right there .... happy new year? I think not!

So what's on my wish list?
  1. Establish a 3 letter extension syntax to honor what's what for public/private keypair based security. It is far too loose today and makes the creation of tooling more challenging than it needs to be.
    1. Public/Private Keypairs: should at least end with pem or der
      • filename.pem
      • filename.der
    2. Certificate Signing Requests: should end with csr
      • filename.csr
    3. Keystores should clearly define their own format
      • filename.jks
  2. Tools or widgets or plugins ... something should be available which makes life easier by allowing the user to right-click a file and take any valid action supported by openssl or keytool.
I don't want to make it seem like "the sky is falling" ... to be fair, it is not like the security space is completely without tooling. Some decent solutions exist that make key and certificate management simpler:
  1. Portecle: is a user friendly GUI application for creating, managing and examining key stores, keys, certificates, certificate requests, certificate revocation lists and more.
    • Wrapping Portecle with Jar Bundler works well for mac. And if you need to run it as root, you can use "sudo open" to launch it.
  2. KeyStore Explorer: is a free GUI replacement for the Java command-line utilities keytool, jarsigner and jadtool. KeyStore Explorer presents their functionality, and more, via an intuitive graphical user interface


Post a Comment