> i was going to say we already did that but when gnupg 2.1 broke hkps we > rolled it back to hkp. if it's working now we should change it back to > hkps :) Since GnuPG 2.1.20, if no keyserver is set, the keyserver will default to hkps://hkps.pool.sks-keyservers.net using the included pem or hkp://jirk5u4osbsr34t5.onion if called with --use-tor
I just tried refreshing pacman-keyring with no keyserver or hkp-cacert set, and it called hkps://hkps.pool.sks-keyservers.net correctly. It's mainly remembering to terminate dirmngr and gpg-agent after changing any gnupg .conf files to apply the changes. > some time ago we were including a cronjob that did this for you. now i > see we're providing a systemd service and timer to run refresh-keys, so > it should be: > > systemctl restart pacman-keyring.service # for manual refresh > systemctl enable pacman-keyring.timer # for weekly refreshes I see those now. Thanks. ^_^ -jc
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Dev mailing list [email protected] https://lists.parabola.nu/mailman/listinfo/dev
