Gpg4win LetsEncrypt issue

Anze Jensterle anze at
Wed Jan 5 01:43:58 CET 2022

OK, I seem to have solved the issue.
@Alex Nadtoka <alex.nadtoka at> Deleting the DST Root is not needed.
Make sure to delete the certificate name "Let's Encrypt X1" or similar and
"R3" from the user and system store. They are not stored under "Trusted
Roots" but under "Intermediate CAs". After I deleted all the old cached
intermediates I am able to use a keyserver again.


On Wed, Jan 5, 2022 at 1:26 AM Anze Jensterle <anze at> wrote:

> I am having the same issue on GnuPG version 2.3.4.
> If I have the DST root in my Trust Root Store I get Certificate expired,
> if I don't have it in there I get "No inquire callback in IPC" and Dirmngr
> logs "error connecting to '': Missing issuer
> certificate".
> Any idea why this would still happen?
> Best,
> Anze
> On Tue, Jan 4, 2022 at 3:46 PM Alex Nadtoka via Gnupg-users <
> gnupg-users at> wrote:
>> I do have isntalled ISRG Root X1 and  X2
>> But I noticed that DST Root CA X3 appeared again in the system... weird.
>> deleted it with admin privileges from entire PC
>> вт, 4 січ. 2022 р. о 15:14 Andrew Gallagher via Gnupg-users <
>> gnupg-users at> пише:
>>> On 4 Jan 2022, at 12:15, Alex Nadtoka <alex.nadtoka at> wrote:
>>> yes thanks, tried disabling it but error was still there. So I deleted  DST
>>> Root CA X3 . At the mooment I see error from dirmngr 2.3.4: no CA
>>> certificate found
>>> And
>>> error searching keyserver: "No inquire callback in IPC"
>>> Not sure if it is still because of root certificate. Will try to google
>>> now
>>> You probably don’t have the new root certificate installed then. You
>>> should be able to download it from
>>> A
>>> _______________________________________________
>>> Gnupg-users mailing list
>>> Gnupg-users at
>> _______________________________________________
>> Gnupg-users mailing list
>> Gnupg-users at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Gnupg-users mailing list