Hi! I'm trying to get Scute working in Mozilla (as a first step
towards making GnuTLS also use it as a PKCS#11 module). I imported my
newly generated certificate into gpgsm as follows:
[EMAIL PROTECTED]:~$ gpgsm --import .gnupg/test-key.pem
gpgsm: issuer certificate {E93C1CFBAD926EE606A4562CA2E1C05327C8F295} not found
using authorityKeyIdentifier
gpgsm: issuer certificate (#/CN=GnuTLS test CA) not found
gpgsm: issuer certificate {E93C1CFBAD926EE606A4562CA2E1C05327C8F295} not found
using authorityKeyIdentifier
gpgsm: total number processed: 1
gpgsm: unchanged: 1
[EMAIL PROTECTED]:~$
I guessed that it wouldn't hurt to import the CA certificate too. But
here's what happened then:
[EMAIL PROTECTED]:~$ gpgsm --import
~/src/www-gnutls/test-credentials/x509-ca.pem
gpgsm: self-signed certificate has a BAD signature: Bad signature
gpgsm: basic certificate checks failed - not imported
gpgsm: total number processed: 1
gpgsm: not imported: 1
[EMAIL PROTECTED]:~$
As far as I can tell, there is nothing wrong with this certificate.
Ideas?
You can retrieve the certificate from:
http://www.gnu.org/software/gnutls/test-credentials/x509-ca.pem
I'm using GnuPG 2.0.3.
I don't know if it is relevant, but the list of 'Supported algorithms'
seems rather short:
[EMAIL PROTECTED]:~$ gpgsm --version
gpgsm (GnuPG) 2.0.3
Copyright (C) 2007 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions. See the file COPYING for details.
Home: ~/.gnupg
Supported algorithms:
[EMAIL PROTECTED]:~$
/Simon
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
