> Did you import your new certificate onto the Yubikey? Because independently > of what your gpgsm store may contain, Scute will always try to fetch the > certificate from the token itself.
Ah, I didn't know I had to write the certificate onto the Yubikey. I only imported it into gpgsm following this guide: http://scute.org/scute.html/Certificate-Preparation.html > Could you extract the certificate from the smartcard and have a look at it? > $ gpg --card-edit > gpg/card> readcert 3 > file.der > gpg/card> quit $ od -x file.der > 0000000 217f 0082 ffff ffff ffff ffff ffff ffff > 0000020 ffff ffff ffff ffff ffff ffff ffff ffff > * > 0000400 ffff 00ff > 0000403 I just tried to write the certificate onto the Yubiykey: $ gpg --edit-card Reader ...........: Yubico Yubikey 4 OTP U2F CCID 00 00 [...] ssb> rsa4096/3AA08B6113EC625C created: 2016-12-25 expires: never [...] gpg/card> admin Admin commands are allowed gpg/card> writecert 3 <new-cert.der gpg: error writing certificate to card: Provided object is too large Do I have to choose a smaller key size? Thanks a lot Fabian
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
