Using S/MIME encryption with self-signed certificates

Werner Koch wk at
Sun Jul 4 15:02:04 CEST 2010

On Fri,  2 Jul 2010 13:21, fweimer at said:
> Is it possible to use gpgsm to encrypt data for a self-signed X.509
> certificate?  Right now, the program bails out with "issuer
> certificate is not marked as a CA", and I would like to work around
> that, preferably without running a full CA.

Add the keyword "relax" to ~/.gnupg/trustlist.txt and give the agent a
HUP (or run "gpgconf --reload gpg-agent").  Example line:

  1122334455667788990011223344556677889900 S relax



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list