Hi! I spent some time looking into this. The CRL is issued by a certificate
CN=dgnservice CRL2101 13:PN,O=DGN Deutsches Gesundheitsnetz Service GmbH,C=DE However that certificate is not available: I only found the previous one: ldapsearch -H ldap://ldap.dgnservice.de:389 -b 'O=DGN Deutsches Gesundheitsnetz Service GmbH,C=DE' -x -v -LLL "CN=dgnservice CRL2101 12:PN" without the certificate we can't verify the CRL. Switching to OCSP does also not work due to a missing certificate. We have seen this problem already last year; see https://dev.gnupg.org/rG90caa7ad598be123707f4d4651f9a64a74347626 Alexander: Maybe you can to ask DGN why they don't distribute that cert but announce it in the CRL. Shalom-Salam, Werner -- The pioneers of a warless world are the youth that refuse military service. - A. Einstein
openpgp-digital-signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
