Problem with x.509 certificate and OpenPGP Card

Michael Freischlad Freischlad at
Wed Oct 24 09:39:29 CEST 2012

Werner, thank you for your quick response.

> card to lookup the certificate in the GnuPG keybox (via gpgsm).  The
> card does not store the certificate.

Because of the Specifications on ("Data onject to store a X.509 certificate") I thought it would be possible.

As far as I understand the card is capable of storing a complete certificate (sec key and pub key). But this certificate is not supposed to be used with the on card generated key(s). Am I right?

So it should be possible to transfer a off card generated key that might be used without scute? But then the key is extractable from the card if one knows the PIN!?

> We have tested Scute only with Firefox and thus you may may have
> problems if you use it for mail.  Should be easy to fix, though.

I'll try out and report asap.

Thanks and regards,

More information about the Gnupg-users mailing list