System wide dirmngr configuration with Gnupg 2.1

Andre Heinecke aheinecke at intevation.de
Thu Jan 22 18:14:09 CET 2015


Hi,

To summarize my last mail: As an organization that uses S/MIME we need to 
centrally configure the trusted Root CA's for GnuPG and the ldap server used in 
dirmngr for certificate retrieval.

This worked for us with GnuPG 2.0.x by configuring these in /etc/dirmngr/ but 
with GnuPG 2.1 it appears no longer possible if we don't want to stick with 
the old system deamon mode.

I've wrote the attached small Patch to use the system-wide configuration by 
default if /etc/gnupg/dirmngr.conf exists and is readable.

I don't think it will be a problem with legacy systems as the dirmngr.conf was 
located under /etc/dirmngr/dirmngr.conf in previous versions.

Would this be acceptable?

Regards,
Andre

-- 
Andre Heinecke |  ++49-541-335083-262  |  http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-dirmngr-Prefer-system-wide-config-by-default.patch
Type: text/x-patch
Size: 3068 bytes
Desc: not available
URL: </pipermail/attachments/20150122/b99d39a2/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20150122/b99d39a2/attachment.sig>


More information about the Gnupg-devel mailing list