Using public keys for verifying JWTs

The participant can be configured to verify the signature on JWTs using certificates as described here: Daml Sandbox — Daml SDK 2.2.0 documentation

Given that certificates are basically wrappers of public keys with some additional information, can we also provide the path to the public key directly in the configuration for this verification, or does the signature checking somehow rely on the certificate wrapper?

At the moment, we only support certificates but I don’t believe there is a strong reason for that, we just extract the key out of the certificate and ignore everything else. Is there a particular reason why you cannot generate a certificate for your key?

I don’t believe there is, as creating a self-signed certificate is pretty straightforward. I just wanted to see if that step is necessary. Thank you!