hkps ssl problem

Hans of Guardian hans at guardianproject.info
Thu May 1 15:39:29 CEST 2014 

Looks like you need to get this file and point the config to the real path:

keyserver-options ca-cert-file=/pathto/.gnupg/sks-keyservers.netCA.pem


.hc

On Apr 29, 2014, at 4:41 AM, labrani wrote:

> Hello
> 
> I'm having some problem while trying to use an hkps pool server as keyserver.
> i am using gpg2 client version on a mac  os x maverick os.
> i have download the cacert file from the site and i verify that i have the good one while testing with curl.
> 
> here is the configuration of my client :
> 
> keyserver hkps://hkps.pool.sks-keyservers.net
> keyserver-options ca-cert-file=/pathto/.gnupg/sks-keyservers.netCA.pem
> keyserver-options no-honor-keyserver-url
> keyserver-options debug
> keyserver-options verbose
> keyserver-options verbose
> auto-key-locate keyserver
> fixed-list-mode
> keyid-format 0xlong
> verify-options show-uid-validity
> list-options show-uid-validity
> default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
> personal-digest-preferences SHA512
> cert-digest-algo SHA512
> no-emit-version
> 
> 
> 
> 
> and here is the error i have :
> 
> gpg2 --recv-keys 0xD9B53384
> gpg: requesting key 0xD9B53384 from hkps server hkps.pool.sks-keyservers.net
> gpgkeys: curl version = libcurl/7.30.0 SecureTransport zlib/1.2.5
> Host:		hkps.pool.sks-keyservers.net
> Command:	GET
> * Adding handle: conn: 0x1184800
> * Adding handle: send: 0
> * Adding handle: recv: 0
> * Curl_addHandleToPipeline: length: 1
> * - Conn 0 (0x1184800) send_pipe: 1, recv_pipe: 0
> * About to connect() to hkps.pool.sks-keyservers.net port 443 (#0)
> *   Trying 80.239.156.219...
> * Connected to hkps.pool.sks-keyservers.net (80.239.156.219) port 443 (#0)
> * SSL certificate problem: Invalid certificate chain
> * Closing connection 0
> gpgkeys: HTTP fetch error 60: SSL certificate problem: Invalid certificate chain
> gpg: no valid OpenPGP data found.
> gpg: Total number processed: 0
> 
> 
> thxs for your help
> 
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20140501/c386a412/attachment-0001.html>

More information about the Gnupg-users mailing list