PKCS#12

Sun Aug 6 22:12:31 CEST 2006

Hello, 

it seems that I have a problem with a root certificate - according to 
the error message the root certificate is not marked as "to be trusted"
can some one please tell me what I need to do to get the root cert. 
trusted?

Here is the error message:
4 - 2006-08-04 23:43:46 gpg-agent[7421.0x8092ae8] DBG: <- ISTRUSTED 
355E69678EB5D72B5DC882276847F27C0D3C4156
4 - 2006-08-04 23:43:46 gpg-agent[7421.0x8092ae8] DBG: -> ERR 304 not 
trusted
6 - 2006-08-04 23:43:46 gpgsm[15127]: Das Wurzelzertifikat ist nicht 
als vertrauensw?rdig markiert

And here is the full story:

I have imported my PKCS#12 Cert. public, priv. and the root certs via 
the following method:

1. Export the Certificate from your browser into a file 
"certbundle.p12". 

 2. Use OpenSSL to extract the key from the bundle. 
 bash$ openssl pkcs12 -in certbundle.pem -export -out certkey.p12 
-nocerts -nodes 

Then, extract the key from the bundle and export it, again in PKCS#12 
format:

bash$ gpgsm --call-protect-tool --p12-import --store certkey.p12

3. Import the Issuers certificate and your own certificate 
bash$ gpgsm --import <file>

But when I now want to sign a Mail I get the following error:

4 - 2006-08-04 23:43:46 gpg-agent[7421.0x8092ae8] DBG: <- ISTRUSTED 
355E69678EB5D72B5DC882276847F27C0D3C4156
  4 - 2006-08-04 23:43:46 gpg-agent[7421.0x8092ae8] DBG: -> ERR 304 not 
trusted
  6 - 2006-08-04 23:43:46 gpgsm[15127]: Das Wurzelzertifikat ist nicht 
als vertrauensw?rdig markiert

The last in German means: the root cert is not marked as to be truested. 
I like to do this. How can I do this?

Thanks a lot
Michael