kaikramer
commented
1 year ago Well. the reason for this is simply that KSE is built around the Java KeyStore API and the Java Cryptography Extension (JCE). If there is a JCE provider with an implementation of the KeyStore interface for a certain type of file or crypto hardware, then it can be included in KSE as a KeyStore. But neither the JRE nor BC include a PEM KeyStore implementation.
You can browse the JCE providers in KSE via "Help -> Security Providers" and expand the "Key Stores" node to see the provided keystore types, for example:
I did a quick search and have actually found a JCE provider for PEM files, but it has too many restrictions to be usable in KSE: https://github.com/robymus/simple-pem-keystore
To be honest, I like the idea to support PEM as another KeyStore type in KSE quite a lot. Writing a JCE provider is not that much work and it seems like a useful addition to KSE. I'll consider it for one of the next releases.
KSE shows JKS, PKCS #12 and so on as keystore. With contents in the main window. But, when I open a PEM file, it shows it as a pop-up window titled "Certificate Details for File ''"
Per my understanding, a PEM file can contain various types of certificates and keys and multiple amount of them. Which in my understanding makes it a typical keystore, no?
So, why a PEM file with multiple certificates shows as a pop-up window while other keystores are shown in the main window?
Won't it be more proper to show PEM contents in the main window too?
Thank you.