Fwd: using gnupg with a secure ldap (ldaps) keyserver
Sanchez the Cactus
sanchezthecactus at yahoo.com
Fri Jul 16 18:58:40 CEST 2004
--- David Shaw <dshaw at jabberwocky.com> wrote:
> On Tue, Jul 06, 2004 at 04:37:19PM -0700, Sanchez the Cactus wrote:
> > > Hi,
> > >
> > > I'm trying to use gnupg to send my key to my company's keyserver. The
> > > URL
> > > scheme for the keyserver is ldaps://ldap.company.com:636/ou=pgp
> > > keys,dc=company,dc=com. Unfortunately, I can't figure out how to get
> > > gpg to
> > > recognize this url schema and connect successfully. If I set the
> > > keyserver
> > > option to be that url, i get:
> > >
> > > unable to execute program "gpgkeys_ldaps": No such file or directory
> > > gpg: no handler for keyserver scheme "ldaps"
> > >
> > > if i change it to simply be ldap instead of ldaps, I get:
> > > gpgkeys: internal LDAP bind error: Can't contact LDAP server
> > > gpg: keyserver internal error
> > >
> > >
> > > is there a way to get this working? It seems (according to
> > > google) like i should be able to get it working with cvs/unstable
> > > gnupg, but that doesn't work either...
> GnuPG 1.3.6 (or the CVS version) can do ldaps, but it requires that
> you have OpenLDAP set up to do ldaps. OpenLDAP only does ldaps if you
> have OpenSSL installed.
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
when I try with GnuPG 1.3.6 linked against OpenLDAP linked against either
GNUTLS or OpenSSL, i get the following error:
./gpg -v --keyserver "ldaps://ldap.company.com/ou=pgp keys,dc=company,dc=com"
gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
gpg: It is only intended for test purposes and should NOT be
gpg: used in a production environment or with production keys!
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
gpgkeys: unable to make SSL connection: not supported by the NAI LDAP keyserver
gpg: key "keymaster" not found on keyserver
gpg: keyserver internal error
gpg: keyserver search failed: keyserver error
is the "NAI LDAP keyserver" not supported by GnuPG, or is there some other way
to make GnuPG access it?
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
More information about the Gnupg-users