--search-keys: "gpg: error searching keyserver: No inquire callback in IPC"

Rainer Fiebig jrf at mailbox.org
Wed Jul 28 18:38:07 CEST 2021 

Am 28.07.21 um 17:42 schrieb Andrew Gallagher:
> On 28/07/2021 15:19, Rainer Fiebig via Gnupg-users wrote:
>> 2021-07-28 16:06:50 dirmngr[4135.6] Fehler beim Verbinden mit
>> 'https://keys.openpgp.org:443': Fehlendes Herausgeberzertifikat in der
>> Kette
>> 2021-07-28 16:06:50 dirmngr[4135.6] command 'KS_SEARCH' failed:
>> Fehlendes Herausgeberzertifikat in der Kette
>> 2021-07-28 16:06:50 dirmngr[4135.6] Handhabungsroutine für den fd 6
>> beendet
> 
> "Fehlendes Herausgeberzertifikat in der Kette" translates as "Missing
> publisher certificate in the chain", is that correct?
> 
Correct.

> keys.openpgp.org uses LetsEncrypt as their TLS CA. Can you connect to
> other keyservers that also use LetsEncrypt? For example, pgpkeys.eu uses
> the same intermediate certificate (LetsEncrypt R3) as keys.openpgp.org.
> 
This works:

~> gpg --keyserver pgpkeys.eu --search-keys
E3FF2839C048B25C084DEBE9B26995E310250568
gpg: enabled debug flags: memstat
gpg: data source: http://pgpkeys.eu:11371
(1)	Łukasz Langa (GPG langa.pl) <lukasz at langa.pl>
	Łukasz Langa <lukasz at edgedb.com>
	Łukasz Langa <lukasz at python.org>
	Łukasz Langa (Work e-mail account) <ambv at fb.com>
	  4096 bit RSA key B26995E310250568, erzeugt: 2015-05-11
Keys 1-1 of 1 for "E3FF2839C048B25C084DEBE9B26995E310250568".  Eingabe
von Nummern, Nächste (N) oder Abbrechen (Q) >


Each of these lines in dirmngr.conf also work:
keyserver http://keys2.andreas-puls.de/
keyserver http://pgpkeys.eu/

~> gpg --search-keys E3FF2839C048B25C084DEBE9B26995E310250568
gpg: enabled debug flags: memstat
gpg: data source: http://keys2.andreas-puls.de:80
(1)	Łukasz Langa (GPG langa.pl) <lukasz at langa.pl>
	Łukasz Langa <lukasz at edgedb.com>
	Łukasz Langa <lukasz at python.org>
	Łukasz Langa (Work e-mail account) <ambv at fb.com>
	  4096 bit RSA key B26995E310250568, erzeugt: 2015-05-11
Keys 1-1 of 1 for "E3FF2839C048B25C084DEBE9B26995E310250568".  Eingabe
von Nummern, Nächste (N) oder Abbrechen (Q) >

> What OS are you using? Do you have the latest version of ca-certificates
> (or equivalent) installed?
> 
Linux From Scratch, latest stable. The ca-certificates (from
Mozilla.org) are updated regularly (automated).

More information about the Gnupg-users mailing list