Gpg4win LetsEncrypt issue

Anze Jensterle anze at anze.dev
Wed Jan 5 01:43:58 CET 2022 

OK, I seem to have solved the issue.
@Alex Nadtoka <alex.nadtoka at gmail.com> Deleting the DST Root is not needed.
Make sure to delete the certificate name "Let's Encrypt X1" or similar and
"R3" from the user and system store. They are not stored under "Trusted
Roots" but under "Intermediate CAs". After I deleted all the old cached
intermediates I am able to use a keyserver again.

Best,
Anze

On Wed, Jan 5, 2022 at 1:26 AM Anze Jensterle <anze at anze.dev> wrote:

> I am having the same issue on GnuPG version 2.3.4.
> If I have the DST root in my Trust Root Store I get Certificate expired,
> if I don't have it in there I get "No inquire callback in IPC" and Dirmngr
> logs "error connecting to 'https://keys.openpgp.org:443': Missing issuer
> certificate".
> Any idea why this would still happen?
>
> Best,
> Anze
>
> On Tue, Jan 4, 2022 at 3:46 PM Alex Nadtoka via Gnupg-users <
> gnupg-users at gnupg.org> wrote:
>
>> I do have isntalled ISRG Root X1 and  X2
>> But I noticed that DST Root CA X3 appeared again in the system... weird.
>> deleted it with admin privileges from entire PC
>>
>> вт, 4 січ. 2022 р. о 15:14 Andrew Gallagher via Gnupg-users <
>> gnupg-users at gnupg.org> пише:
>>
>>>
>>> On 4 Jan 2022, at 12:15, Alex Nadtoka <alex.nadtoka at gmail.com> wrote:
>>>
>>> yes thanks, tried disabling it but error was still there. So I deleted  DST
>>> Root CA X3 . At the mooment I see error from dirmngr 2.3.4: no CA
>>> certificate found
>>> And
>>> error searching keyserver: "No inquire callback in IPC"
>>> Not sure if it is still because of root certificate. Will try to google
>>> now
>>>
>>>
>>> You probably don’t have the new root certificate installed then. You
>>> should be able to download it from letsencrypt.org
>>>
>>> A
>>> _______________________________________________
>>> Gnupg-users mailing list
>>> Gnupg-users at gnupg.org
>>> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>>>
>> _______________________________________________
>> Gnupg-users mailing list
>> Gnupg-users at gnupg.org
>> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220105/fe36508f/attachment-0001.html>

More information about the Gnupg-users mailing list