--search-keys: "gpg: error searching keyserver: No inquire callback in IPC"
Ingo Klöcker
kloecker at kde.org
Wed Jul 28 21:38:02 CEST 2021
On Mittwoch, 28. Juli 2021 18:38:07 CEST Rainer Fiebig via Gnupg-users wrote:
> Am 28.07.21 um 17:42 schrieb Andrew Gallagher:
> > On 28/07/2021 15:19, Rainer Fiebig via Gnupg-users wrote:
> >> 2021-07-28 16:06:50 dirmngr[4135.6] Fehler beim Verbinden mit
> >> 'https://keys.openpgp.org:443': Fehlendes Herausgeberzertifikat in der
> >> Kette
> >> 2021-07-28 16:06:50 dirmngr[4135.6] command 'KS_SEARCH' failed:
> >> Fehlendes Herausgeberzertifikat in der Kette
> >> 2021-07-28 16:06:50 dirmngr[4135.6] Handhabungsroutine für den fd 6
> >> beendet
> >
> > "Fehlendes Herausgeberzertifikat in der Kette" translates as "Missing
> > publisher certificate in the chain", is that correct?
>
> Correct.
>
> > keys.openpgp.org uses LetsEncrypt as their TLS CA. Can you connect to
> > other keyservers that also use LetsEncrypt? For example, pgpkeys.eu uses
> > the same intermediate certificate (LetsEncrypt R3) as keys.openpgp.org.
>
> This works:
>
> ~> gpg --keyserver pgpkeys.eu --search-keys
> E3FF2839C048B25C084DEBE9B26995E310250568
> gpg: enabled debug flags: memstat
> gpg: data source: http://pgpkeys.eu:11371
> (1) Łukasz Langa (GPG langa.pl) <lukasz at langa.pl>
> Łukasz Langa <lukasz at edgedb.com>
> Łukasz Langa <lukasz at python.org>
> Łukasz Langa (Work e-mail account) <ambv at fb.com>
> 4096 bit RSA key B26995E310250568, erzeugt: 2015-05-11
> Keys 1-1 of 1 for "E3FF2839C048B25C084DEBE9B26995E310250568". Eingabe
> von Nummern, Nächste (N) oder Abbrechen (Q) >
Doesn't use TLS. Just plain HTTP.
> Each of these lines in dirmngr.conf also work:
> keyserver http://keys2.andreas-puls.de/
> keyserver http://pgpkeys.eu/
Ditto. Since your problems seem to be related to TLS it's not really
surprising that keyservers not using https work.
Does 'gpg --keyserver hkps://pgpkeys.eu --search-keys ...' work for you?
What does 'curl -v https://keys.openpgp.org' say?
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20210728/94fb0127/attachment-0001.sig>
More information about the Gnupg-users
mailing list