dirmngr: Wrong certificate error?

Daniel Kahn Gillmor dkg at fifthhorseman.net
Mon Aug 1 22:33:26 CEST 2016


On Mon 2016-08-01 15:34:01 -0400, Patrick Brunschwig wrote:

> How can the root certificates be added to gnutls (and dirmngr)?

see my initial proposal here:

 https://lists.gnupg.org/pipermail/gnupg-devel/2016-July/031372.html

I've just opened this as:

 https://bugs.gnupg.org/gnupg/issue2433


fwiw, your gnutls-cli invocation's output looks like:

> Error setting the x509 trust file
> Resolving 'keys.mailvelope.com:443'...
> Connecting to '52.208.40.58:443'...
> - Certificate type: X.509

but "gnutls-cli keys.mailvelope.com" works for me, so i suspect you have
something misconfigured with your gnutls installation.  i see the start
of the output as:

> Processed 151 CA certificate(s).
> Resolving 'keys.mailvelope.com'...
> Connecting to '52.208.40.58:443'...
> - Certificate type: X.509

maybe you need to look at the system-level trust store on your gnutls
installation?

        --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 948 bytes
Desc: not available
URL: </pipermail/attachments/20160801/7448f63d/attachment.sig>


More information about the Gnupg-devel mailing list