dirmngr: Wrong certificate error?
Patrick Brunschwig
patrick at enigmail.net
Wed Aug 3 19:53:17 CEST 2016
On 01.08.16 22:33, Daniel Kahn Gillmor wrote:
> fwiw, your gnutls-cli invocation's output looks like:
>
>> Error setting the x509 trust file
>> Resolving 'keys.mailvelope.com:443'...
>> Connecting to '52.208.40.58:443'...
>> - Certificate type: X.509
>
> but "gnutls-cli keys.mailvelope.com" works for me, so i suspect you have
> something misconfigured with your gnutls installation. i see the start
> of the output as:
>
>> Processed 151 CA certificate(s).
>> Resolving 'keys.mailvelope.com'...
>> Connecting to '52.208.40.58:443'...
>> - Certificate type: X.509
>
> maybe you need to look at the system-level trust store on your gnutls
> installation?
Well yes, on Mac OS X, the system-level trust store of my self-compiled
gnutls installation is empty. It's not surprising that gnutls can't read
the root certificates from Apple's Keychain.
I exported Apple's root certificates into my gnutls root store, and it
works now correctly.
Thanks
-Patrick
More information about the Gnupg-devel
mailing list