CRL checks with gpgsm

Werner Koch wk at
Fri Jul 27 10:22:33 CEST 2007

On Fri, 27 Jul 2007 02:45, timotheus at said:

>> What should go into this file? According to other posts, perhaps:
>>    server:port:::o=organization,c=domain

>From the dirmngr manual:

`--ldapserverlist-file FILE'
     Read the list of LDAP servers to consult for CRLs and certificates
     from file instead of the default per-user ldap server list file.
     The default value for FILE is `dirmngr_ldapservers.conf' or
     `ldapservers.conf' when running in `--daemon' mode.

     This server list file contains one LDAP server per line in the


     Lines starting with a  `#' are comments.

     Note that as usual all strings entered are expected to be UTF_8
     encoded.  Obviously this will lead to problems if the password has
     orginally been encoded as Latin-1.  There is no other solution here
     than to put such a password in the binary encoding into the file
     (i.e.  non-ascii characters won't show up readable).(1)

> The freemail certificate requires that
> be fetched and checked. But also,
> must be fetched for the intermediate certificate.

Does the intermediate CA specify this one as a DP?  Use gpgsm
--dump-chain to check.



More information about the Gnupg-users mailing list