--search-keys: "gpg: error searching keyserver: No inquire callback in IPC"

[Rainer Fiebig]

Am 29.07.21 um 19:36 schrieb Andrew Gallagher:
> On 29/07/2021 17:52, Rainer Fiebig wrote:
>>
>> ~> openssl x509 -text </etc/ssl/certs/DST_Root_CA_X3.pem | grep "Not
>> After"
>>              Not After : Sep 30 14:01:15 2021 GMT
> 
> So the file exists, and appears to have the correct contents (the
> difference in checksum is probably whitespace or commentary, I wouldn't
> worry about it).
> 
> I'm going to refer back to my earlier statement: "It looks like dirmngr
> isn't using the same set of CAs that curl is using".
> 
> If you built gnupg from its default configuration, it does not
> automatically look in /etc/ssl/certs for CA certificates. You may want
> to add a soft link from /etc/gnupg/trusted-certs to /etc/ssl/certs so
> that dirmngr looks in the Mozilla certificate library.
> 
Perhaps solved. As the main issue here seemed to be that gnupg could not
find the certificate(s) and the symlink to /etc/ssl/certs (all .pem) did
not work, I re-built gnupg with this configure-switch:

	--with-default-trust-store-file=/etc/pki/tls/certs/ca-bundle.crt


And now  --search-keys is working:

~> gpg --search-keys E3FF2839C048B25C084DEBE9B26995E310250568
gpg: data source: https://keys.openpgp.org:443
(1)	Łukasz Langa (GPG langa.pl) <lukasz at langa.pl>
	Łukasz Langa <lukasz at edgedb.com>
	Łukasz Langa <lukasz at python.org>
	  4096 bit RSA key B26995E310250568, erzeugt: 2015-05-11
Keys 1-1 of 1 for "E3FF2839C048B25C084DEBE9B26995E310250568".  Eingabe
von Nummern, Nächste (N) oder Abbrechen (Q) >

~> gpg --keyserver hkps://keys.openpgp.org --search-keys
E3FF2839C048B25C084DEBE9B26995E310250568
gpg: data source: https://keys.openpgp.org:443
(1)	Łukasz Langa (GPG langa.pl) <lukasz at langa.pl>
	Łukasz Langa <lukasz at edgedb.com>
	Łukasz Langa <lukasz at python.org>
	  4096 bit RSA key B26995E310250568, erzeugt: 2015-05-11
Keys 1-1 of 1 for "E3FF2839C048B25C084DEBE9B26995E310250568".  Eingabe
von Nummern, Nächste (N) oder Abbrechen (Q) >

~> gpg --keyserver hkps://pgpkeys.eu --search-keys
E3FF2839C048B25C084DEBE9B26995E310250568
gpg: data source: https://pgpkeys.eu:443
(1)	Łukasz Langa (GPG langa.pl) <lukasz at langa.pl>
	Łukasz Langa <lukasz at edgedb.com>
	Łukasz Langa <lukasz at python.org>
	Łukasz Langa (Work e-mail account) <ambv at fb.com>
	  4096 bit RSA key B26995E310250568, erzeugt: 2015-05-11
Keys 1-1 of 1 for "E3FF2839C048B25C084DEBE9B26995E310250568".  Eingabe
von Nummern, Nächste (N) oder Abbrechen (Q) >



However, having to build gnupg with this switch feels somewhat akward,
like a workaround, not like it should be.

I'll post this solution over at blfs-support at lists.linuxfromscratch.org
and see what they think about it. Perhaps they have a more elegant
solution or can tell me whether I've made a configuration-mistake elsewhere.

Thank you guys for your time and suggestions. They helped a lot!