Fwd: using gnupg with a secure ldap (ldaps) keyserver

Sanchez the Cactus sanchezthecactus at yahoo.com
Fri Jul 16 18:58:40 CEST 2004


--- David Shaw <dshaw at jabberwocky.com> wrote:
> On Tue, Jul 06, 2004 at 04:37:19PM -0700, Sanchez the Cactus wrote:
> > 
> > > Hi,
> > > 
> > > I'm trying to use gnupg to send my key to my company's keyserver.  The URL
> > > scheme for the keyserver is ldaps://ldap.company.com:636/ou=pgp
> > > keys,dc=company,dc=com.  Unfortunately, I can't figure out how to get gpg to
> > > recognize this url schema and connect successfully.  If I set the keyserver
> > > option to be that url, I get:
> > > 
> > >  unable to execute program "gpgkeys_ldaps": No such file or directory
> > > gpg: no handler for keyserver scheme "ldaps"
> > > 
> > > If I change it to simply be ldap instead of ldaps, I get: 
> > > gpgkeys: internal LDAP bind error: Can't contact LDAP server
> > > gpg: keyserver internal error
> > > 
> > > 
> > > Is there a way to get this working?  It seems (according to
> > > google) like I should be able to get it working with cvs/unstable
> > > gnupg, but that doesn't work either...
> 
> GnuPG 1.3.6 (or the CVS version) can do ldaps, but it requires that
> you have OpenLDAP set up to do ldaps.  OpenLDAP only does ldaps if you
> have OpenSSL installed.
> 
> David
> 

When I try with GnuPG 1.3.6 linked against OpenLDAP linked against either
GNUTLS or OpenSSL, I get the following error:

./gpg -v --keyserver "ldaps://ldap.company.com/ou=pgp keys,dc=company,dc=com" --search-keys keymaster
gpg: NOTE: THIS IS A DEVELOPMENT VERSION!
gpg: It is only intended for test purposes and should NOT be
gpg: used in a production environment or with production keys!
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/faq.html for more information
gpgkeys: unable to make SSL connection: not supported by the NAI LDAP keyserver

gpg: key "keymaster" not found on keyserver
gpg: keyserver internal error
gpg: keyserver search failed: keyserver error



Is the "NAI LDAP keyserver" not supported by GnuPG, or is there some other way
to make GnuPG access it?

Thanks again,
-Joe


		


