Werner Koch wrote:
On Fri, 21 Sep 2007 04:47, [EMAIL PROTECTED] said:
<snip>
Obvious if the p12 file import failed and you didn't create a certificate requests with gpgsm.
I ran gpgsm-gencert.sh script and selected 2. Existing key thinking that I could use my existing x509 cert. I was then asked for Keygrip. I entered that and then asked for Name (DN) and this is where my ignorance really shows. What is the DN? Is it a Domain Name? The script failed with the wrong info for DN (I tried my email address and name) Now this is the strange and confusing part, [EMAIL PROTECTED] *did* install OK. It is also listed in Kleopatra's key listing. See following: [EMAIL PROTECTED] ~]$ gpgsm --import [EMAIL PROTECTED] gpgsm: certificate is good gpgsm: total number processed: 1 gpgsm: unchanged: 1 secmem usage: 0/16384 bytes in 0 blocks Certificate imported OK. [EMAIL PROTECTED] ~]$ gpgsm --list-secret-keys /home/graeme/.gnupg/pubring.kbx ------------------------------- gpgsm: DBG: connection to agent established secmem usage: 0/16384 bytes in 0 blocks [EMAIL PROTECTED] ~]$ No certificate listed :-( Kleopatra's key listing is in the attachment.
PKCS#12 is a weird format and it is possible that GnuPG will not be able to parse it. However, currently I have no open bugs on this so it should work. The error message would be different from what the one you got.
[EMAIL PROTECTED] ~]$ GPG_TTY="tty" [EMAIL PROTECTED] ~]$ export GPG_TTY [EMAIL PROTECTED] ~]$ gpgsm --import My_Certificate120308.p12 gpgsm: gpg-protect-tool: canceled by user gpgsm: gpg-protect-tool: cancelled gpgsm: total number processed: 0 secmem usage: 0/16384 bytes in 0 blocks [EMAIL PROTECTED] ~]$ I have followed the instructions in the http://kontact.kde.org/kmail/kmail-pgpmime-howto.php HowTo and I still get errors. e.g., the command echo "test" | gpg -ase -r 0xDD3AAA7D | gpg which should open a graphical password dialog two times. First for signing (gpg -ase) and then for decryption (| gpg) gives the following error; [EMAIL PROTECTED] .gnupg]$ echo "test" | gpg -ase -r 0xDD3AAA7D | gpg gpg: NOTE: old default options file `/home/graeme/.gnupg/options' ignored gpg: NOTE: old default options file `/home/graeme/.gnupg/options' ignored You need a passphrase to unlock the secret key for user: "Graeme Nichols (Graeme) <[EMAIL PROTECTED]>" 1024-bit DSA key, ID DD3AAA7D, created 2002-11-08 gpg: cancelled by user gpg: no default secret key: bad passphrase gpg: [stdin]: sign+encrypt failed: bad passphrase gpg: processing message failed: eof [EMAIL PROTECTED] .gnupg]$ The pinentry file is /usr/bin/pinentry. This doesn't seem to work at all. Also, what config files should I have in ~/.gnupg? There is a whole heap of config files most of which I think are not necessary. Left over from earlier versions of gpg. I am beginning to think that I should remove gpg and kdepim and re-install to ensure that all dependencies are met. If I do this what gpg packages do I need to re-install for X509 support? Another problem that I just thought of that could be causing problems is that my earlier versions fo gpg were built from a tarball. The Fedora 7 gpg files have been installed from an rpm binary package. Maybe there are old gpg files lying about causing problems. If that could be the case where should I look for old gpg files? Thanks again for your patience. -- ---------------------------------------------------------------------- Kind regards, Graeme.
Kleopatra-keylisting1.png.gz
Description: GNU Zip compressed data
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
