gpgsm --sign with smartcard?

Simon Josefsson simon at josefsson.org
Fri Apr 20 13:37:29 CEST 2007 

I'm trying to sign something using gpgsm and a smartcard, but here is
what happens:

jas at mocca:~$ gpgsm --sign -u BD:5F:80:DE:63:03:4E:C9:E2:84:1E:63:09:55:2E:34:5C:5F:22:6F
dirmngr[21860]: error opening `/home/jas/.gnupg/dirmngr_ldapservers.conf': No such file or directory
dirmngr[21860]: permanently loaded certificates: 0
dirmngr[21860]:     runtime cached certificates: 0
dirmngr[21860]: no CRL available for issuer id 73504958EC804B0DA5501605CFEC58754F0864FE
dirmngr[21860]: crl_fetch via issuer failed: Configuration error
dirmngr[21860]: command ISVALID failed: Configuration error
gpgsm: certificate #4628A165/CN=GnuTLS test CA
gpgsm: checking the CRL failed: Configuration error
gpgsm: can't sign using `BD:5F:80:DE:63:03:4E:C9:E2:84:1E:63:09:55:2E:34:5C:5F:22:6F': Configuration error
jas at mocca:~$

Where do I put the CRL that will be checked?

Alternatively, how can I tell gpgsm/dirmngr to not check any CRL?

Thanks,
Simon

jas at mocca:~$ gpgsm -K
/home/jas/.gnupg/pubring.kbx
----------------------------
Serial number: 4628A165
       Issuer: /CN=GnuTLS test CA
      Subject: /CN=Test Key/O=Simon Josefsson
          aka: (dns-name josefsson.org)
     validity: 2007-04-20 11:17:59 through 2007-10-17 11:18:02
     key type: 1024 bit RSA
    key usage: digitalSignature keyEncipherment
ext key usage: clientAuth (suggested), serverAuth (suggested)
  fingerprint: BD:5F:80:DE:63:03:4E:C9:E2:84:1E:63:09:55:2E:34:5C:5F:22:6F

jas at mocca:~$ gpgsm -k
/home/jas/.gnupg/pubring.kbx
----------------------------
Serial number: 4628A165
       Issuer: /CN=GnuTLS test CA
      Subject: /CN=Test Key/O=Simon Josefsson
          aka: (dns-name josefsson.org)
     validity: 2007-04-20 11:17:59 through 2007-10-17 11:18:02
     key type: 1024 bit RSA
    key usage: digitalSignature keyEncipherment
ext key usage: clientAuth (suggested), serverAuth (suggested)
  fingerprint: BD:5F:80:DE:63:03:4E:C9:E2:84:1E:63:09:55:2E:34:5C:5F:22:6F

Serial number: 46261D27
       Issuer: /CN=GnuTLS test CA
      Subject: /CN=GnuTLS test CA
     validity: 2007-04-18 13:29:11 through 2008-04-17 13:29:11
     key type: 1024 bit RSA
    key usage: certSign
 chain length: unlimited
  fingerprint: 15:32:B4:BA:5A:8A:79:88:CA:26:42:83:59:1B:A3:A2:1C:0B:CC:24

jas at mocca:~$

More information about the Gnupg-users mailing list