Hi Kevin, Thus far my focus has been on getting outgoing email to work (that's our primary need). I will make every effort to test inbound email ASAP.
On Tue, Jul 30, 2013 at 12:09 PM, Kevin Falcone <[email protected]>wrote: > On Tue, Jul 30, 2013 at 11:18:38AM -0400, Christopher Costa wrote: > > I have been able to get GPG integrated with RT using manually > installed public keys, but I'm > > now trying to get auto key retrieval to work. The RT documentation > suggests (to me, anyway) > > that this is possible. I haven't had any luck getting it working, and > I'm curious if any other > > users have, and would have any tips. I've configured RT this way in > RT_SiteConfig: > > You say you've tested without outgoing emails, have you tested with an > incoming mail from an unknown user? > > Also, ensure that your logging is set to debug, not just error. > > -kevin > > > Set(%GnuPG, > > Enable => 1, > > OutgoingMessagesFormat => "RFC", # Inline > > AllowEncryptDataInDB => 0, > > RejectOnMissingPrivateKey => 1, > > RejectOnBadData => 1, > > ); > > > > Set(%GnuPGOptions, > > homedir => q{var/data/gpg}, > > keyserver => 'xxxx://xxx.xxx.xxx.xxx', > > 'always-trust' => undef, > > 'auto-key-locate' => 'keyserver', > > 'keyserver-options' => 'auto-key-retrieve', > > ); > > > > However, when I attempt to send an email to somebody who doesn't > already have a key on the > > keyring, I get this error in the UI: > > > > User XXXXXXXXXX has a problem. There is no key suitable for > encryption. > > Select a key you want to use for encryption: No usable keys. > > > > and in the rt.log I see this: > > > > [Tue Jul 30 13:24:51 2013] [error]: gpg: error reading key: No public > key > > (/opt/rtdev/sbin/../lib/RT/Crypt/GnuPG.pm:2163) > > [Tue Jul 30 13:24:51 2013] [error]: gpg: error reading key: No public > key > > (/opt/rtdev/sbin/../lib/RT/Crypt/GnuPG.pm:2163) > > [Tue Jul 30 13:24:51 2013] [error]: gpg: error reading key: No public > key > > (/opt/rtdev/sbin/../lib/RT/Crypt/GnuPG.pm:2163) > > > > It *appears* that RT is checking the keyring, and erroring out if it > doesn't find a key, which > > is not what I expected to happened (I was expecting the key would be > retrieved automatically > > at the time of encryption). > > I have executed gpg from the command line with these options, and I > can retrieve a user key > > automatically and encrypt a file. So I am pretty sure the problem > isn't with the keyserver, or > > the options themselves. I'm holding out hope that I'm simply doing > something wrong within RT, > > and that there is some other setting I've overlooked. > > > > Thanks! > > Chris >
