--search-keys: "gpg: error searching keyserver: No inquire callback in IPC"
Rainer Fiebig
jrf at mailbox.org
Thu Jul 29 18:33:38 CEST 2021
Am 29.07.21 um 18:16 schrieb Andrew Gallagher:
> On 29/07/2021 08:41, Rainer Fiebig via Gnupg-users wrote:
>> Am 28.07.21 um 21:38 schrieb Ingo Klöcker:
>>> On Mittwoch, 28. Juli 2021 18:38:07 CEST Rainer Fiebig via Gnupg-users
> wrote:
>>>
>>> Does 'gpg --keyserver hkps://pgpkeys.eu --search-keys ...' work for you?
>>>
>> No, same output as reported initially.
>
> The common problem is the LetsEncrypt R3 certificate.
>
>> * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
>> * ALPN, server accepted to use http/1.1
>> * Server certificate:
>> * subject: CN=keys.openpgp.org
>> * start date: Jul 26 04:32:08 2021 GMT
>> * expire date: Oct 24 04:32:06 2021 GMT
>> * subjectAltName: host "keys.openpgp.org" matched cert's
>> "keys.openpgp.org"
>> * issuer: C=US; O=Let's Encrypt; CN=R3
>> * SSL certificate verify ok.
> ...
>> Looks OK to me. The Let's Encrypt certificate is recognized and
>> verified. Or what do you think?
>
> I think it looks like dirmngr isn't using the same set of CAs that curl
> is using.
>
> The missing root certificate is:
>
>> 2021-07-28 16:06:50 dirmngr[4135.6] issuer certificate: #/CN=DST Root
> CA
>> X3,O=Digital Signature Trust Co.
> Can you confirm that /etc/ssl/certs/DST_Root_CA_X3.pem exists on your
> machine and has the following checksum?
>
> ```
> andrewg at whippet:~$ sha256sum /etc/ssl/certs/DST_Root_CA_X3.pem
> 139a5e4a4e0fa505378c72c5f700934ce8333f4e6b1b508886c4b0eb14f4be99
> /etc/ssl/certs/DST_Root_CA_X3.pem
> ```
>
Thanks. File exists but has a different checksum:
/etc/ssl/certs> sha256sum DST_Root_CA_X3.pem
4b3ecda4db3f417f23f5dfa84eb4d59d6cc2959446ebaf89c7df5866d31e9980
DST_Root_CA_X3.pem
> Also, is your system clock correct? (long shot, but always worth asking
> when debugging TLS cert issues)
>
System clock is OK. No problem asking - I'm happy for every clue I can
get in this matter. ;)
More information about the Gnupg-users
mailing list