GnuPG 2.2.4 on Windows - problems accessing some HKPS keyservers

David Gray dgray4656 at
Wed Jan 24 14:17:39 CET 2018

Thanks, Phil - 

I appreciate your help and your response.



Sent from my iPhone

> On Jan 23, 2018, at 9:51 PM, Phil Pennock <gnupg-users at> wrote:
> Looks to me like a GnuPG bug.  In fact, it looks very much like
> which has been marked resolved.
> The hostname there is a CNAME to Amazon DNS, and my dirmngr logfile
> records:
> 2018-01-23 21:28:10 dirmngr[70787.6] TLS verification of peer failed: hostname does not match
> 2018-01-23 21:28:10 dirmngr[70787.6] DBG: expected hostname:
> The untrusted name retrieved from DNS resolution of the CNAME record is
> being used as the name for validation.
> The patches to address the issue seem to focus on SRV records, so
> repaired one way in which the problem manifested, but either didn't fix
> the underlying issue, or there's been a regression.
> I've opened a new ticket for the maintainers to track this.
> -Phil

More information about the Gnupg-users mailing list