gpgsm and trusted keys
Jens Lechtenboerger
cloudpg at informationelle-selbstbestimmung-im-internet.de
Tue Dec 17 18:57:48 CET 2013
Hi there,
after I imported my private key into gpgsm, it was not trusted for
signatures by gpgsm, because the root CA was not trusted.
After enabling allow-mark-trusted in gpg-agent.conf, gpg-agent asks
whether I trust the root CA. Saying "yes" creates
~/.gnupg/trustlist.txt with the root certificate's fingerprint, and
the key becomes usable.
However, I actually don't trust them, so I don't want their
fingerprint in trustlist.txt. Instead, I do trust the intermediate
CA, which signed my certificate request. Manually adding their
fingerprint to trustlist.txt did not work, though. I was still
asked for trust in the root CA, and saying "No" resulted in a failed
signature.
Is there a way to mark intermediate CAs as trusted so that all
certificates issued by them become usable?
Thanks
Jens
More information about the Gnupg-users
mailing list