How to encrypt using public certificate\key

shaarang tyagi shaarang.tyagi at gmail.com
Wed Sep 6 16:55:30 CEST 2017


Hello Peter,

Thanks a lot to you for clarifying this in a paragraph otherwise i would
have to read a whole lot of things to understand that i am trying to
connect 2 totally differet things!
I will go through the pdf and may have more question(s).

Thanks again!
Shaarang

On Sep 6, 2017 8:05 PM, "Peter Lebbing" <peter at digitalbrains.com> wrote:

Hello Shaarang,

On 06/09/17 16:13, shaarang tyagi wrote:
> I am talking about OpenPGP, i want to encrypt a file that follows
> openpgp standard [...]

> I was encrypting by selecting a certificate which i had imported , i had
> also imported its root ca, so certificate chain was fully there but
> encryption failed.

"Root CA", "certificate chain" and your earlier "PEM public key" tell me
you are using certificates from the Cryptographic Message Syntax
ecosystem (to which S/MIME belongs also). These are not OpenPGP
certificates/public keys, and it is simply impossible to encrypt an
OpenPGP message to them. You will need to ask your peer for their
OpenPGP certificate (also called "public key")  before you can send them
an OpenPGP encrypted message.

They are two completely separate and incompatible ecosystems. It just so
happens that GnuPG does have some support for CMS as well, through the
gpgsm binary.

More about starting with OpenPGP is in The GNU Privacy Handbook[1]. That
guide is pretty outdated, though, so don't take its word for gospel.

HTH,

Peter.

[1] <https://www.gnupg.org/gph/en/manual.html>

--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20170906/ce16a8d7/attachment.html>


More information about the Gnupg-users mailing list