WKD: how to remove expired key verification

Ingo Klöcker kloecker at kde.org
Tue Aug 3 17:15:17 CEST 2021

On Dienstag, 3. August 2021 11:02:35 CEST gnupgpacker wrote:
> Hello,
> a key contains an old, expired verification.
> If searching this key by WKD, it shows:
> $ gpg --locate-key xy at xyxy.de
> pub   rsa2048 2013-10-21 [SCEA] [verfallen: 2019-03-26]
>       6EB139DA63B4D15xyxyB970F435Fxy3FB0Dxyxy
> uid        [ verfallen ] Pre Name <xy at xyxy.de>
> Valid keys included are not shown.

If I run this I get a "Connection refused" error:

$ gpg -v --locate-key xy at xyxy.de
gpg: using pgp trust model
gpg: error retrieving 'xy at xyxy.de' via Local: No public key
gpg: error retrieving 'xy at xyxy.de' via WKD: Connection refused
gpg: error reading key: Connection refused

> How to fix this, how to deactivate/ remove expired verification?

You may have to fix the "Connection refused" error unless connections from 
your computer are not refused. In any case, requesting more verbose output 
will help diagnose the problem, i.e. run
$ gpg -v --locate-key xy at xyxy.de

Moreover, you can add
--auto-key-locate "clear,wkd,nodefault"
to make --locate-key ignore the local storage and try WKD only.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20210803/8c98750f/attachment.sig>

More information about the Gnupg-users mailing list