ctron / pem-keystore

A PKCS #1 PEM KeyStore for Java


CVE-2023-33201: Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability

konrad-ohms opened this issue · comments

Hi,
thanks for your efforts in providing this library.
I noticed that there was a CVE raised against Bouncy Castle for Java before 1.74 (https://nvd.nist.gov/vuln/detail/CVE-2023-33201) and wanted to kindly ask for an update of pem-keystore's dependency to it.

It is not that pressing, as I can just exclude the library from my dependencies, but maybe others might benefit from the fix as well.

It is ranked as medium and only applies in certain conditions (LDAP CertStore to validate X.509 certificates), but scanners will find it, even if it's probably not exploitable from your usage.

Thanks in advance
Konrad

I think it makes sense. But yes, one should be able to "version manage" this with e.g. Maven.

I would welcome a PR.
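For readers who want the override the maintainer refers to without waiting for a release, this is an added example (not part of the issue thread or the pem-keystore build) of pinning Bouncy Castle through Maven's `dependencyManagement` in the consuming project's own pom.xml. The Bouncy Castle artifact names below are assumptions; check pem-keystore's pom for the artifact it actually declares (e.g. the `jdk18on` vs. `jdk15to18` flavour) and match it, since managing a different artifactId will not replace the transitive one.

```xml
<!-- Added example: consumer-side override, not pem-keystore's pom.xml.
     dependencyManagement wins over the version declared transitively by pem-keystore. -->
<dependencyManagement>
  <dependencies>
    <!-- Artifact names are assumed; use the ones pem-keystore really depends on. -->
    <dependency>
      <groupId>org.bouncycastle</groupId>
      <artifactId>bcprov-jdk18on</artifactId>
      <version>1.74</version>
    </dependency>
    <dependency>
      <groupId>org.bouncycastle</groupId>
      <artifactId>bcpkix-jdk18on</artifactId>
      <version>1.74</version>
    </dependency>
  </dependencies>
</dependencyManagement>
```

After adding this, confirm the override actually took effect with `mvn dependency:tree -Dincludes=org.bouncycastle`; every Bouncy Castle line should show 1.74 (or later) and no "omitted for conflict" entry at an older version. Scanners that flag the CVE key on the resolved artifact, so this is also what makes the finding go away.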

Thanks, I filed a PR in #21.
I noticed a failing JUnit test which failed before my change as well, as the checked-in certificate for the test server expired (Not Valid After: 2023-04-28).
I can't easily regenerate it without the root CA key, if you still have the OpenShift cluster, could you issue a new cert, please?
The other option might be to mock the current time in the test, I do not know what your preferred approach is, therefore I just committed the code change and no change to the test.
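For the "mock the current time" option mentioned above, the JDK already lets you evaluate a certificate at an explicit instant, so no clock-mocking framework is needed. The following is an added example (not the project's test code and not part of this thread); the certificate path and the pinned instant are assumptions, and the pinned instant must lie inside the fixture's validity window.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.time.Instant;
import java.util.Date;

/** Added example: check a fixture certificate at a pinned instant instead of "now". */
public class PinnedClockCertCheck {

    /** Parses a PEM- or DER-encoded X.509 certificate with the JDK CertificateFactory. */
    static X509Certificate load(InputStream in) throws CertificateException {
        return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(in);
    }

    /** True when the certificate's notBefore/notAfter window contains the given instant. */
    static boolean validAt(X509Certificate cert, Instant at) {
        try {
            cert.checkValidity(Date.from(at)); // overload that takes the evaluation time
            return true;
        } catch (CertificateExpiredException | CertificateNotYetValidException e) {
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        // Assumed path to the checked-in test server certificate.
        String path = args.length > 0 ? args[0] : "src/test/resources/server.crt";
        X509Certificate cert;
        try (InputStream in = new FileInputStream(path)) {
            cert = load(in);
        }
        // Assumed instant; for the fixture in this thread it must be before 2023-04-28.
        Instant pinned = Instant.parse("2023-01-15T00:00:00Z");
        System.out.println("notAfter            = " + cert.getNotAfter());
        System.out.println("valid at pinned time = " + validAt(cert, pinned));
        System.out.println("valid right now      = " + validAt(cert, Instant.now()));
    }
}
```

If the test validates a whole chain rather than a single certificate, `PKIXParameters.setDate(Date)` pins the evaluation time for `CertPathValidator` in the same way. Either approach belongs only in the test: it keeps the fixture usable after its notAfter date, which is exactly the expiry you would never want to hide in production code.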

Thanks for recreating the certs, I re-based my previous branch which passes the tests now.

Should be released as 2.3.0, not sure how long it takes until it lands on Maven Central.

Thank you very much