Please test :)

Daniel Leidert daniel.leidert.spam at gmx.net
Fri Aug 14 16:15:32 CEST 2009


Am Freitag, den 14.08.2009, 11:46 +0200 schrieb Jeroen Schot:

> On Thu, Aug 13, 2009 at 10:21:46PM -0400, David Shaw wrote:
> > 2) HKPS - in other words regular old HKP over SSL (i.e. https). So far as I
> > know, the only hkps server in existence right now is hkps://
> > zimmermann.mayfirst.org.
> 
> I successfully tested HKPS, but encountered a lack of documentation. So here a
> short howto specifically for the zimmermann.mayfirst.org keyserver:
> 
> Download the 'May First/People Link CA' certificate from
> <https://support.mayfirst.org/wiki/mfpl_certificate_authority> and store it in
> ~/.gnupg/ca.crt.
> 
> Add the following two lines to your gpg.conf (or add them to the commandline):
>   keyserver hkps://zimmermann.mayfirst.org
>   keyserver-options ca-cert-file ~/.gnupg/ca.crt
> 
> Test the keyserver with a '--search-keys' or '--recv-keys'.

I tried to follow your short howto (got mfpl.crt as .gnupg/ca.crt and
added the options), but I always get an error:

gpgkeys: HTTP search error 60: server certificate verification failed.
CAfile: none CRLfile: none
gpg: key "Leidert" not found on keyserver
gpg: keyserver internal error
gpg: keyserver search failed: keyserver error

Following the webform, the keys exist. Any idea? 

Regards, Daniel




More information about the Gnupg-devel mailing list