Cannot revoke a certificate
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon Dec 7 13:56:03 CET 2015
On Wed 2015-12-02 18:18:46 -0500, David wrote:
> I am trying to revoke a very old certificate that may be compromised. I
> generated a revocation certificate using the following gpg command with
> no errors. I did get a warning about MD5 being deprecated.
>
> C:\Users\David> gpg --output kill7827.asc --gen-revoke 80942C8D
>
> However, I cannot use it. Here is the output:
>
> C:\Users\David> gpg --import .\kill7827.asc
> gpg: Note: signatures using the MD5 algorithm are rejected
> gpg: key 80942C8D: invalid revocation certificate: Invalid digest
> algorithm - rejected
> gpg: error reading `.\\kill7827.asc': Invalid digest algorithm
> gpg: import from `.\\kill7827.asc' failed: Invalid digest algorithm
> gpg: Total number processed: 0
> C:\Users\David>
You should try adding "--cert-digest-algo sha1" arguments before the
--gen-revoke command to make a SHA1-based certificate revocation.
--dkg
More information about the Gnupg-users
mailing list