Am 28.07.21 um 17:42 schrieb Andrew Gallagher: > On 28/07/2021 15:19, Rainer Fiebig via Gnupg-users wrote: >> 2021-07-28 16:06:50 dirmngr[4135.6] Fehler beim Verbinden mit >> 'https://keys.openpgp.org:443': Fehlendes Herausgeberzertifikat in der >> Kette >> 2021-07-28 16:06:50 dirmngr[4135.6] command 'KS_SEARCH' failed: >> Fehlendes Herausgeberzertifikat in der Kette >> 2021-07-28 16:06:50 dirmngr[4135.6] Handhabungsroutine für den fd 6 >> beendet > > "Fehlendes Herausgeberzertifikat in der Kette" translates as "Missing > publisher certificate in the chain", is that correct? > Correct.
> keys.openpgp.org uses LetsEncrypt as their TLS CA. Can you connect to > other keyservers that also use LetsEncrypt? For example, pgpkeys.eu uses > the same intermediate certificate (LetsEncrypt R3) as keys.openpgp.org. > This works: ~> gpg --keyserver pgpkeys.eu --search-keys E3FF2839C048B25C084DEBE9B26995E310250568 gpg: enabled debug flags: memstat gpg: data source: http://pgpkeys.eu:11371 (1) Łukasz Langa (GPG langa.pl) <[email protected]> Łukasz Langa <[email protected]> Łukasz Langa <[email protected]> Łukasz Langa (Work e-mail account) <[email protected]> 4096 bit RSA key B26995E310250568, erzeugt: 2015-05-11 Keys 1-1 of 1 for "E3FF2839C048B25C084DEBE9B26995E310250568". Eingabe von Nummern, Nächste (N) oder Abbrechen (Q) > Each of these lines in dirmngr.conf also work: keyserver http://keys2.andreas-puls.de/ keyserver http://pgpkeys.eu/ ~> gpg --search-keys E3FF2839C048B25C084DEBE9B26995E310250568 gpg: enabled debug flags: memstat gpg: data source: http://keys2.andreas-puls.de:80 (1) Łukasz Langa (GPG langa.pl) <[email protected]> Łukasz Langa <[email protected]> Łukasz Langa <[email protected]> Łukasz Langa (Work e-mail account) <[email protected]> 4096 bit RSA key B26995E310250568, erzeugt: 2015-05-11 Keys 1-1 of 1 for "E3FF2839C048B25C084DEBE9B26995E310250568". Eingabe von Nummern, Nächste (N) oder Abbrechen (Q) > > What OS are you using? Do you have the latest version of ca-certificates > (or equivalent) installed? > Linux From Scratch, latest stable. The ca-certificates (from Mozilla.org) are updated regularly (automated). _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
