issue with gpg4win
Andrew Gallagher
andrewg at andrewg.com
Fri Dec 24 15:49:57 CET 2021
> 2021-12-23 11:27:30 gpg[12864] DBG: connection to the dirmngr established
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x0000025c -> GETINFO version
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x0000025c <- D 2.3.4
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x0000025c <- OK
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x0000025c -> KEYSERVER --clear hkps://gpg.example.com/
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x0000025c <- OK
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x0000025c -> KS_SEARCH -- oleksandr at example.com
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x0000025c <- ERR 167772261 Certificate expired <Dirmngr>
> 2021-12-23 11:27:30 gpg[12864] error searching keyserver: Certificate expired
> 2021-12-23 11:27:30 gpg[12864] keyserver search failed: Certificate expired
> 2021-12-23 11:27:30 gpg[12864] DBG: chan_0x0000025c -> BYE
OK, so I can see from the image that you’re not actually using example.com, fair enough :-) I do notice that your chosen keyserver is using a recently-issued letsencrypt certificate. There is a known issue with Letsencrypt certificates due to the replacement of their upstream CA and a known bug in openssl. Are you able to upgrade openssl and the ca-certificates bundle on your client machine?
A
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20211224/7c3e1fa4/attachment.html>
More information about the Gnupg-users
mailing list