Is it possible to certify (sign) a key using a subkey?

Robert J. Hansen rjh at
Thu Aug 17 06:17:33 CEST 2017

> Why is this behavior? I took a glance at RFC4880 and I could not find a
> requirement that only primary keys are used for certifying, although it
> is very possible that I just missed it.

Does the subkey have the certify capability on it?  If the subkey isn't
marked for certifying, it can't be used to certify.

More information about the Gnupg-users mailing list