> 2021-12-23 11:27:30 gpg[12864] DBG: connection to the dirmngr established
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x0000025c -> GETINFO version
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x0000025c <- D 2.3.4
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x0000025c <- OK
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x0000025c -> KEYSERVER --clear
> hkps://gpg.example.com/
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x0000025c <- OK
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x0000025c -> KS_SEARCH --
> oleksa...@example.com
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x0000025c <- ERR 167772261
> Certificate expired <Dirmngr>
> 2021-12-23 11:27:30 gpg[12864] error searching keyserver: Certificate expired
> 2021-12-23 11:27:30 gpg[12864] keyserver search failed: Certificate expired
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x0000025c -> BYE
OK, so I can see from the image that you’re not actually using example.com,
fair enough :-) I do notice that your chosen keyserver is using a
recently-issued letsencrypt certificate. There is a known issue with
Letsencrypt certificates due to the replacement of their upstream CA and a
known bug in openssl. Are you able to upgrade openssl and the ca-certificates
bundle on your client machine?
A
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
