Help setting gpgsm to do LDAP lookup
Werner Koch
wk at gnupg.org
Mon May 18 08:53:55 CEST 2020
On Sat, 16 May 2020 23:24, John Scott said:
> Looking up recipients with both dirmngr-client and
> gpgsm --verbose --list-external-keys [recipient]
> are fruitless whether I drop the ads\ from my username or not. I've bumped the
> ldaptimeout to 25. Still both commands finish instantaneously—not unlike
I just did a quick test using using
ldap.pca.dfn.de::::o=DFN-Verein,c=DE:ldap
which works as expected. It has no username and password, though.
To better debug this you should add
--8<---------------cut here---------------start------------->8---
verbose
log-file socket://
debug ipc,lookup,extprog
no-use-tor
--8<---------------cut here---------------end--------------->8---
(if you are not using watchgnupg, repalce socket:// by a regular file name)
This gives more specifc debug output. (BTW, "dirmngr --debug help" shows
all debug options). Instead of using gpgsm it is often easier to use
gpg-connect-agent:
$ gpg-connect-agent --dirmngr
> /hex
> lookup Werner
D[0000] 30 82 05 AF 30 82 04 97 A0 03 02 01 02 02 0C 1D 0...0...........
D[0010] B0 E4 78 EA 1D 5C 64 E5 03 8C 9E 30 25 30 44 06 ..x..\d....0%0D.
[...]
END
S TRUNCATED 3
OK
Look at the log file while running these commands; hopefully you see an
error message.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200518/2250be67/attachment-0001.sig>
More information about the Gnupg-users
mailing list