gpgsm and Kmail and X509 certificates
Graeme Nichols
gnichols at tpg.com.au
Fri Sep 21 04:47:17 CEST 2007
Hello Werner,
Werner Koch wrote:
> On Thu, 20 Sep 2007 02:49, gnichols at tpg.com.au said:
>
>> [graeme at barney ~]$ gpgsm -K
>> /home/graeme/.gnupg/pubring.kbx
>> -------------------------------
>> gpgsm: DBG: connection to agent established
>> secmem usage: 0/16384 bytes in 0 blocks
>> [graeme at barney ~]$
>>> this should show you your own certificates
>> It didn't as you can see.
>
> With own certificates I meant, Your certifciate plus your private key.
>
> Did you import the key at all?
Yes, I did. It said that one key was imported, key was good and all
that. The key name was gnichols at tpg.com.au.crt. I have never been able
to import my key in *.p12 format. I normally renew my key and install it
into Firefox automatically then back it up to floppy in *.p12 format.
Trying to then import that backup into gpgsm results in the following:
[graeme at barney ~]$ gpgsm --import My_Certificate120308.p12
gpgsm: gpgsm: GPG_TTY has not been set - using maybe bogus default
gpgsm: gpg-protect-tool: canceled by user
gpgsm: gpg-protect-tool: cancelled
gpgsm: total number processed: 0
secmem usage: 0/16384 bytes in 0 blocks
[graeme at barney ~]$
>
>> [graeme at barney ~]$ gpgsm --passwd gnichols at tpg.com.au
>> gpgsm: DBG: connection to agent established
>> gpgsm: error changing passphrase: No such file or directory
>
> That means that your private key does not exists. To manually check
> this do:
>
> gpgsm --dump-key 2D:0D:02:D5:2E:0F:D9:C7:31:48:C8:A2:63:13:6F:AD:C7:21:27:34
>
> Youy will notice a line
>
> keygrip: <40-hex-digits>
Yes. That worked, thank you.
>
> then check whether a file
>
> ~/.gnupg/private-keys-v1.d/<40-hex-digits>.key
>
> exists. It does not and this is the reason you see "No such file or
> directory" (Well, it should better read "No such secret key").
No. there are no files in the ~/.gnupg/private-keys-v1.d/ directory.
>
> You need to get your private key as a pkcs#12 file and import it into
> gpgsm
>
> gpgsm --import foo.p12
Does not work as you can see above. Is the backup of my certificate from
Mozilla in *.p12 format the same as getting it from CACert in *.p12 format?
Thank you very much for your patience and help. Please bear with me
until I get this fixed if you will.
--
----------------------------------------------------------------------
Kind regards,
Graeme.
----------------------------------------------------------------------
Download my GnuPG public key from:-
http://www.users.tpg.com.au/gnichols/graemenichols.pub
----------------------------------------------------------------------
Each of us bears his own Hell.
-- Publius Vergilius Maro (Virgil)
More information about the Gnupg-users
mailing list