*SOLVED*
On Tue, Apr 28, 2015 at 11:12 AM, Dan Bryant wrote:
> OK... I'm apparently suffering from a bad gpgsm setup. According to
> the 2011 post
> (https://lists.gnupg.org/pipermail/gnupg-devel/2011-March/025989.html)
> the following command, should just work:
>gpgsm --gen-key | gpgsm --i
OK... I'm apparently suffering from a bad gpgsm setup. According to
the 2011 post
(https://lists.gnupg.org/pipermail/gnupg-devel/2011-March/025989.html)
the following command, should just work:
gpgsm --gen-key | gpgsm --import
Not for me... I get
gpgsm: problem looking for existing certific
On Mon, 27 Apr 2015 22:07, dkbry...@gmail.com said:
> gpgsm: no issuer found in certificate
> gpgsm: basic certificate checks failed - not imported
Your root certificate is not valid. An Issuer is required and that
issuer must match the Subject. Also certain other fields are required
for a root
Getting closer... The DirMngr stuff is totally required. Got that out
of the way (added rootCA to the right dirmgr stuff).
Now I'm scrubbing the logs and it looks like DirMgr is complaining
because I didn't timestamp any of my custom certs. Any "--ignore_ts"
or similar option to bypass this mess
OK... I found some very old posts about this... don't know how much still holds.
-- https://lists.gnupg.org/pipermail/gnupg-devel/2011-June/026126.html
This guide says:
1. Convert rootCA.pem to rootCA.der
2. Place rootCA.der in dirmngr\trusted-certs
3. Ensure rootCA.der has revocation URL (??can
TL;DR: gpgsm import fails with "no issuer found in certificate"
I'm trying to generate a key-pair for GnuPG S/MINE strictly for
instructional reasons. I'll concede that I'm using a weak CA, but I'm
trying to image how the CA maintainers do this task as well. So, for my
instruction, I'm trying to
