On 7/15/2017 1:40 PM, Lee wrote: [snip] > in my ~/.gnupg/gpg.conf so I can do auto-key-retrieve securely ... or > at least over an encrypted channel. But what file should I be using > as the ca-cert file?
You should be using the "system" files. On Cygwin that means installing the ca-certificates package (currently version 2.14-1). They are installed in a location where the SSL package expects them, you don't have to go look for them, and shouldn't need to specify its location (a directory) on your gpg.conf [snip] > $ grep "^keyserver" ~/.gnupg/gpg.conf > keyserver hkps://pgp.mit.edu/ > keyserver-options check-cert=on > keyserver-options ca-cert-file=/etc/pki/tls/cert.pem Wrong cert actually, I don't know why you say it worked. The cert that should have matched is the one used by the key server, not by you. -- R. Berber -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
