Re: gnugp 2.4.3 fails to build with --disable-ldap

Matthias Apitz wrote: > How to fix this? Here is a commit of mine for GnuPG 2.4: https://dev.gnupg.org/rG9ae3cfcabec9252c22d67b7a15c36f0a8cf22f0f -- ___ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-use

gnugp 2.4.3 fails to build with --disable-ldap

/scdaemon/usr-local --with-npth-prefix=/home/sisis/scdaemon/usr-local --with-ntbtls-prefix=/home/sisis/scdaemon/usr-local --disable-ldap make ... gcc -std=gnu99 -I/home/sisis/scdaemon/usr-local/include -I/home/sisis/scdaemon/usr-local/include -I/home/sisis/scdaemon/usr-local/include -I/home/sisis

Re: S/MIME certificates with LDAP-only CRL uri

Hi! I spent some time looking into this. The CRL is issued by a certificate CN=dgnservice CRL2101 13:PN,O=DGN Deutsches Gesundheitsnetz Service GmbH,C=DE However that certificate is not available: I only found the previous one: ldapsearch -H ldap://ldap.dgnservice.de:389 -b '

Re: S/MIME certificates with LDAP-only CRL uri

On Thu, 23 Feb 2023 18:37, Alexander Grahn said: > Thank your for your reply. Does it mean that the problem is to be solved on > the > GnuPG end? I can't tell because I do not have a valid DGN certificate anymore. Feel free so send me yours by PM - makes debugging easier. Salam-Shalom, Wer

Re: S/MIME certificates with LDAP-only CRL uri

On Thu, Feb 23, 2023 at 04:09:31PM +0100, Werner Koch wrote: > On Thu, 23 Feb 2023 11:22, Alexander Grahn said: > > Should an ldap host answer on ping requests in general? Because the one in > > Pinging arbitrary servers does often work because too many admins tend > to block I

Re: S/MIME certificates with LDAP-only CRL uri

On Thu, 23 Feb 2023 11:22, Alexander Grahn said: > Should an ldap host answer on ping requests in general? Because the one in Pinging arbitrary servers does often work because too many admins tend to block ICMP echo. An LDAP server is commonly behind some load balancer and thus a ping won

Re: S/MIME certificates with LDAP-only CRL uri

> gpgsm: certificate #410FE63506C68DDF/CN=dgnservice CA 2 Type E:PN,O=DGN > > Deutsches Gesundheitsnetz Service GmbH,C=DE gpgsm: checking the CRL failed: > > Not found > > gpgsm: error creating signature: Not found > [...] > > `gpgsm --dump-chain' presents me th

Re: S/MIME certificates with LDAP-only CRL uri

gpgsm: error creating signature: Not found [...] > `gpgsm --dump-chain' presents me the following URI: > > crlDP: > ldap://ldap.dgnservice.de:389/CN=CRL-1,O=DGN%20Service%20GmbH,C=DE?certific > ateRevocationList?base?objectClass=cRLDistributionPoint > > Now my question is whether t

S/MIME certificates with LDAP-only CRL uri

CRL checking with option --disable-crl-checks, which is not such a good idea, I guess. The CA provides only an LDAP URI for getting the revocation list. Root and intermediate certificates can be downloaded here: https://www.dgn.de/dgncert/downloads.html `gpgsm --dump-chain' presents m

Re: Help setting gpgsm to do LDAP lookup

h I'm not sure they support the use of, I think they might require non-opportunistic TLS—I get an 'S PROGRESS TICK ? 0 0" message and Dirmngr takes its time before calling it quits. On the other hand using 636 or 3269 Dirmngr seems to not try and gets the log. The URI says only

Re: Help setting gpgsm to do LDAP lookup

On Sat, 16 May 2020 23:24, John Scott said: > Looking up recipients with both dirmngr-client and > gpgsm --verbose --list-external-keys [recipient] > are fruitless whether I drop the ads\ from my username or not. I've bumped > the > ldaptimeout to 25. Still both commands finish instantaneous

Help setting gpgsm to do LDAP lookup

Hi, I'm stumped getting gpgsm to lookup S/MIME certificates in my organization. I've got a temporary working solution with ldapsearch after logging into my VPN with NetworkManager+OpenConnect: ldapsearch -Wt -b OU=Accounts,DC=ads,DC=foo,DC=com -D CN=jscott,OU=Accounts,DC=ads,DC=foo,DC=com '

How to specify LDAP authentication details with dirmngr/GnuPG 2.1?

I'm trying to use GnuPG 2.1 and using an LDAP server as the keyserver. >From what I can tell, the keyserver configuration has moved from gpg to dirmngr but I am really struggling to figure out how I should be configuring GnuPG/dirmngr so that it knows how to authenticate with the LDA

Re: Using LDAP keyservers with gpg 2.1.11

ip Colmer wrote: > On 8 April 2016 at 11:55, Kristian Fiskerstrand > wrote: >>>> is ldap listed as a schema when doing KEYSERVER --help ? you can >>>> also check if ldd /usr/bin/dirmngr shows a linkage to libldap > > Thanks for this suggestion. dirmngr wasn't

Re: Using LDAP keyservers with gpg 2.1.11

On 7 April 2016 at 17:03, Kristian Fiskerstrand wrote: > is ldap listed as a schema when doing KEYSERVER --help ? you can also > check if ldd /usr/bin/dirmngr shows a linkage to libldap Sorry - how do I check the schema? I'm not sure what command you are asking me to run. With reg

Re: Using LDAP keyservers with gpg 2.1.11

On 8 April 2016 at 11:55, Kristian Fiskerstrand wrote: >>> is ldap listed as a schema when doing KEYSERVER --help ? you can >>> also check if ldd /usr/bin/dirmngr shows a linkage to libldap Thanks for this suggestion. dirmngr wasn't listing ldap, so I've installed the

Re: Using LDAP keyservers with gpg 2.1.11

-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 04/08/2016 12:38 PM, Philip Colmer wrote: > On 7 April 2016 at 17:03, Kristian Fiskerstrand > wrote: >> is ldap listed as a schema when doing KEYSERVER --help ? you can >> also check if ldd /usr/bin/dirmngr shows a

Re: Using LDAP keyservers with gpg 2.1.11

e only > information I seem to be getting is: > > gpg: DBG: chan_4 <- ERR 167772346 No keyserver available is ldap listed as a schema when doing KEYSERVER --help ? you can also check if ldd /usr/bin/dirmngr shows a linkage to libldap - -- - Kristian

Re: Using LDAP keyservers with gpg 2.1.11

On 7 April 2016 at 15:40, Werner Koch wrote: > On Wed, 6 Apr 2016 17:33, philip.col...@linaro.org said: > >> However, with version 2.1.11, it isn't working. Enabling debug options >> where I can find them gives me this output: > > Please enable debugging for dirmngr and restart dirmngr. All netw

Re: Using LDAP keyservers with gpg 2.1.11

On Wed, 6 Apr 2016 17:33, philip.col...@linaro.org said: > However, with version 2.1.11, it isn't working. Enabling debug options > where I can find them gives me this output: Please enable debugging for dirmngr and restart dirmngr. All network access is done via the dirmngr daemon which is sta

Using LDAP keyservers with gpg 2.1.11

I've configured our LDAP server to act as a keyserver for use with GnuPG. In testing, with version 1.x and 2.0, sending keys to the keyserver works. However, with version 2.1.11, it isn't working. Enabling debug options where I can find them gives me this output: gpg: enabled debug fla

Re: wiki.gnupg.org (Re: LDAP-based Keyserver)

At Mon, 2 Mar 2015 12:35:30 +0100, Bernhard Reiter wrote: > On Saturday 28 February 2015 at 12:27:05, Neal H. Walfield wrote: > >   http://wiki.gnupg.org/LDAPKeyserver > > and while you were at it, you have also went through a number of wiki pages > correcting and improving the format and languag

wiki.gnupg.org (Re: LDAP-based Keyserver)

Hi Neal, On Saturday 28 February 2015 at 12:27:05, Neal H. Walfield wrote: >   http://wiki.gnupg.org/LDAPKeyserver and while you were at it, you have also went through a number of wiki pages correcting and improving the format and language! Thanks and welcome to the club of wiki.gnupg.org help

Re: LDAP-based Keyserver

is >> tutorial. You can find it here: >> >> http://wiki.gnupg.org/LDAPKeyserver > > Doesn't refer to your work but is a general question as I have > never used LDAP: > > Is there any advantage in using LDAP for this? Or is this a "We > have the LD

Re: LDAP-based Keyserver

fer to your work but is a general question as I have never used LDAP: Is there any advantage in using LDAP for this? Or is this a "We have the LDAP server anyway thus we add the keyserver stuff instead of using a separate keyserver" decision? Hauke -- Crypto für alle: http://www.openp

LDAP-based Keyserver

Hi, Nearly a decade ago, Walter Haidinger posted a how to describing how to setup an OpenLDAP PGP keyserver. http://lists.gnupg.org/pipermail/gnupg-users/2006-February/028058.html In that time, OpenLDAP configuration has gotten a lot more complicated. I've modernized and significantly expande

Re: GnuPG 2.1: make LDAP optional

On Wed, Oct 15, 2014, Werner Koch wrote: > FWIW, I am consider to make LDAP and optional feature. Most users are Yes, please! ___ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Are GNUPG Keyservers ordinary LDAP Servers?

On Feb 11, 2009, at 10:10 AM, 小波 顾 wrote: From: guxiaobo1...@hotmail.com To: gnupg-us...@gnu.org Subject: Are GNUPG Keyservers ordinary LDAP Servers? Some of them are, yes. Some of them are SKS: http://www.nongnu.org/sks/ GPG speaks several keyserver protocols, including LDAP, HKP (what SKS

Are GNUPG Keyservers ordinary LDAP Servers?

From: guxiaobo1...@hotmail.comto: gnupg-us...@gnu.orgsubject: Are GNUPG Keyservers ordinary LDAP Servers?Date: Wed, 11 Feb 2009 23:09:22 +0800 What can you do with the new Windows Live? Find out _ Invite your mail contacts to

Re: CERT fails with LDAP URL

rypt(1.4.1) > > > I generated the CERT record using the make-dns-cert tool and set the > url to "ldap://keyserver.pgp.com";. My key is definitely listed on the > keyserver, and GPG is correctly connecting to the keyserver using ldap. > It seems that gpg is asking the ldap s

Re: CERT fails with LDAP URL

rypt(1.4.1) > > > I generated the CERT record using the make-dns-cert tool and set the > url to "ldap://keyserver.pgp.com";. My key is definitely listed on the > keyserver, and GPG is correctly connecting to the keyserver using ldap. > It seems that gpg is asking the ldap s

CERT fails with LDAP URL

]' via DNS CERT gpg: [EMAIL PROTECTED]: skipped: No public key gpg: [stdin]: encryption failed: No public key $ gpg2 --version gpg (GnuPG) 2.0.9 [...] Used libraries: gcrypt(1.4.1) I generated the CERT record using the make-dns-cert tool and set the url to "ldap://keyserver.pgp.com&qu

[REPOST] LDAP Basic Auth not working for key search, keyserver-options ignored!

Hello, following the example here : http://lists.gnupg.org/pipermail/gnupg-users/2006-February/028058.html i used the binddn and bindpw option to do a simple auth against an ldap server gpg.exe --keyserver ldap://localhost --keyserver-options "binddn=\"uid=someuser\""

LDAP Basic Auth not working for key search, keyserver-options ignored!

Hello, following the example here : http://lists.gnupg.org/pipermail/gnupg-users/2006-February/028058.html i used the binddn and bindpw option to do a simple auth against an ldap server gpg.exe --keyserver ldap://localhost --keyserver-options "binddn=\"uid=someuser\""

Re: LDAP PGP Keyserver

Doug Barton пишет: > Kirill, > > Check for /usr/local/libexec/gpg2keys_ldap > > If you have that you should be ok. > Got it. ls -l /usr/local/libexec/gpg2keys_ldap -r-xr-xr-x 1 root wheel 29172 2 oct 18:35 /usr/local/libexec/gpg2keys_ldap But im can`t add key`s... --- Kirill __

Re: LDAP PGP Keyserver

On Thu, 4 Oct 2007, Proskurin Kirill wrote: > Im use FreebBSD 6.2 now. > Then im run a > % portupgrade -N gnupg > > Im put a cross on "ldap support"... Kirill, Check for /usr/local/libexec/gpg2keys_ldap If you have that you should be ok. hth, Doug -- If y

Re: LDAP PGP Keyserver

On Thu, Oct 04, 2007 at 05:42:30PM +0400, Proskurin Kirill wrote: > David Shaw wrote: > > > > > > When you run ./configure to build GPG, what does it say about LDAP? > > It would be something like this: > > > > checking whether LDAP via "-lldap"

Re: LDAP PGP Keyserver

David Shaw wrote: > > > When you run ./configure to build GPG, what does it say about LDAP? > It would be something like this: > > checking whether LDAP via "-lldap" is present and sane... yes > > If it doesn't say 'yes', then you're not b

Re: LDAP PGP Keyserver

On Thu, Oct 04, 2007 at 04:52:57PM +0400, Proskurin Kirill wrote: > David Shaw wrote: > > Ah, this is a problem. What you are seeing when you request a LDAP > > access is a message from the "generic" keyserver handler (using curl). > > Are you built with LDAP su

Re: LDAP PGP Keyserver

David Shaw wrote: > Ah, this is a problem. What you are seeing when you request a LDAP > access is a message from the "generic" keyserver handler (using curl). > Are you built with LDAP support? Recompile GPG with LDAP support, and > you should be in better shape. You can

Re: LDAP PGP Keyserver

On Thu, Oct 04, 2007 at 10:37:23AM +0400, Proskurin Kirill wrote: > We have a "ou=PGP Keys,dc=company,dc=org" full of a PGP keys what work`s. > > PGP Desktop easy search at our Ldap keyserver and inports key`s from were. > What we need: > > We need to add keys t

LDAP PGP Keyserver

e --- We have a "ou=PGP Keys,dc=company,dc=org" full of a PGP keys what work`s. PGP Desktop easy search at our Ldap keyserver and inports key`s from were. What we need: We need to add keys to a keyserver. When im try "sent to" any key to our keyserver via PGP Deskto

Re: searching for a key with gpg ldap

On Thu, Jun 15, 2006 at 12:14:22PM +0200, Ralf Hauser wrote: > Hi, > > Leaving the TLS/SSL problem from the previous mail aside, with > > gpg.1.4.3 --keyserver ldap://localhost:2389 --keyserver-options > 'binddn="dn=micky"' --keyserver-options "d

searching for a key with gpg ldap

Hi, Leaving the TLS/SSL problem from the previous mail aside, with gpg.1.4.3 --keyserver ldap://localhost:2389 --keyserver-options 'binddn="dn=micky"' --keyserver-options "debug=5" --keyserver-options bindpw=mouse --search-keys Test on windows, a nice "b

Re: [Fwd:] Public Keyserver with LDAP

Hi, Olaf Gellert wrote: > This came in on gnupg-users mailinglist, I thought > I should forward it to pgp-keyserver-folks, too. > > Teun, is there still an LDAP server at surfnet? No. When SURFnet moved the cname pgp.surfnet.nl from the very old horowitz.surfnet.nl to the

Re: Public Keyserver with LDAP

Teichmeier, Heiko wrote on 23.03.2006 9:11: > Can anyone tell me - exist a public GPG-Keyserver into the internet with > LDAP-protocol as access-way? If this is true, than tell us the > adress(es), please. > ldap://keyserver.pgp.com/ -- Regards OpenPGP Key ID: 0x9E353B56500B8987

[Fwd:] Public Keyserver with LDAP

This came in on gnupg-users mailinglist, I thought I should forward it to pgp-keyserver-folks, too. Teujn, is there still an LDAP server at surfnet? Teichmeier, Heiko wrote: > Can anyone tell me - exist a public GPG-Keyserver into the internet with > LDAP-protocol as access-way? If this i

Public Keyserver with LDAP

Can anyone tell me - exist a public GPG-Keyserver into the internet with LDAP-protocol as access-way? If this is true, than tell us the adress(es), please. best regards Stadtwerke Meerane GmbH Heiko Teichmeier http://www.sw-meerane.de

Re: Direct LDAP access

On Wed, Oct 26, 2005 at 02:50:30PM -0500, Wes wrote: > I hope this isn't something already discussed that I overlooked in the > list.. > > PGP 9 stores the file name in the encrypted data. You can take a file > xyz.pgp, decrypt it, and return it to the original "My Word Doc.DOC". There > is noth

Re: Direct LDAP access

I hope this isn't something already discussed that I overlooked in the list.. PGP 9 stores the file name in the encrypted data. You can take a file xyz.pgp, decrypt it, and return it to the original "My Word Doc.DOC". There is nothing externally visible, either in a PGP Partitioned message, nor

Re: Ldap

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 David Vallier wrote: > How does a person request a key from a ldap server? and or tell Gnupg > to use the gpgkeys_ldap.exe program? Tried to request a key via Winpt > using a ldap server and Gnupg told me off say it couldn't find >

Ldap

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 How does a person request a key from a ldap server? and or tell Gnupg to use the gpgkeys_ldap.exe program? Tried to request a key via Winpt using a ldap server and Gnupg told me off say it couldn't find gpgkeys_ldap.exe. even though it's

Re: Direct LDAP access

sing private keys, though? Private keys are - private and thus it is in general dangerous to keep them on an LDAP server. From your problem description I have some doubts that you are going for the correct solution. If you want to talk about this, please feel free to contact me at wk at g10code.co

Re: Direct LDAP access

On 7/12/05 5:23 PM, "David Shaw" <[EMAIL PROTECTED]> wrote: > A very easy way to do this is to write your code to "import" the key > from the LDAP server into a brand new empty keyring, and then delete > it afterwards. Hmm... That seems a bit kludgy, but

Re: Direct LDAP access

On Tue, Jul 12, 2005 at 10:31:48AM -0500, Wes wrote: > I hope this isn't a duplicate question. I can't believe it hasn't come up > before, but I searched the 70MB archive file and found nothing. > > I tweaked (contorted?) our LDAP server to respond to PGP/GPG key ret

Direct LDAP access

I hope this isn't a duplicate question. I can't believe it hasn't come up before, but I searched the 70MB archive file and found nothing. I tweaked (contorted?) our LDAP server to respond to PGP/GPG key retrieval requests. However, it appears that GPG can only access the key