Hi, I'm having problems using S/MIME certificates in GPG. After importing my keys into gpg(they appear in Kleopatra when I'm done), signing and encrypting with S/MIME is unsuccessful. Using Kleopatra's system tray Clipboard function to sign with the S/MIME cert gives me the error: *Signing Failed: General Error*
And using Kleopatra's Clipboard function to encrypt with the S/MIME cert gives the following error: *Encryption Failed: Not Found* I'm using Gpg4Win 1.9.16 BETA and the certs are issued by my CA(Windows Server 2008, Exchange Server). So far (after much effort) I have managed to export the certs(private and public keys) via Internet Explorer (.pfx files) and using OpenSSL, convert the bundle into .pem and extract the key, issuer cert and user cert. The method I go through to get the cert into gpg is as follows: gpgsm --call-protect-tool --p12-import --store charliekey.p12 gpgsm --import (after which I copy+paste the details from the pem file from Bag Attributes to ---END CERTIFICATE--- for the issuer cert and then repeated for the user's cert) However, the secret key does not show in --list-secret-keys. It shows however if I do this: gpgsm --import charliesign.pfx Output: gpgsm: gpg-protect-tool: 1240 bytes of 3DES encrypted text gpgsm: gpg-protect-tool: 2728 bytes of RC2 encrypted text gpgsm: gpg-protect-tool: processing certBag gpgsm: gpg-protect-tool: processing certBag gpgsm: gpg-protect-tool: keygrip: 8069846C970B7CC3FADEBE2B7995400817694359 gpgsm: gpg-protect-tool: AllowSetForegroundWindow(2188) failed: Access is denied. gpgsm: gpgsm: gpg-protect-tool: AllowSetForegroundWindow(3116) failed: Access is denied. gpgsm: gpgsm: gpg-protect-tool: NOTE: you should run 'diskperf -y' to enable the disk statistics gpgsm: gpg-protect-tool: NOTE: you should run 'diskperf -y' to enable the disk statistics gpgsm: gpg-protect-tool: NOTE: you should run 'diskperf -y' to enable the disk statistics gpgsm: gpg-protect-tool: NOTE: you should run 'diskperf -y' to enable the disk statistics gpgsm: gpg-protect-tool: secret key stored as `C:\Documents and Settings\user\Application Data\gnupg\private-keys-v1.d\8069846C970B7CC3FADEBE2B7995400817694359.key' gpgsm: total number processed: 2 gpgsm: unchanged: 2 As can be seen in the output, the secret key has been stored, and shows when I type gpgsm --list-secret-keys. Importing the pfx works in xp, but does not work in Vista. Does anyone know why my secret key can't be imported? I might have been doing something wrong. The command I use to extract the secret key is: openssl pkcs12 -in charliebundle.pem -export -out charliekey.p12 -nocerts -nodes Also, I have read that after importing the certs I have to make them trusted. How do I do so? I cannot find the file ~/.gnupg/trustlist.txt mentioned in these tutorials. Any help is much appreciated! Thanks! Regards, Sauman
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
