Hi! I'm trying to get Scute working in Mozilla (as a first step towards making GnuTLS also use it as a PKCS#11 module). I imported my newly generated certificate into gpgsm as follows:
[EMAIL PROTECTED]:~$ gpgsm --import .gnupg/test-key.pem gpgsm: issuer certificate {E93C1CFBAD926EE606A4562CA2E1C05327C8F295} not found using authorityKeyIdentifier gpgsm: issuer certificate (#/CN=GnuTLS test CA) not found gpgsm: issuer certificate {E93C1CFBAD926EE606A4562CA2E1C05327C8F295} not found using authorityKeyIdentifier gpgsm: total number processed: 1 gpgsm: unchanged: 1 [EMAIL PROTECTED]:~$ I guessed that it wouldn't hurt to import the CA certificate too. But here's what happened then: [EMAIL PROTECTED]:~$ gpgsm --import ~/src/www-gnutls/test-credentials/x509-ca.pem gpgsm: self-signed certificate has a BAD signature: Bad signature gpgsm: basic certificate checks failed - not imported gpgsm: total number processed: 1 gpgsm: not imported: 1 [EMAIL PROTECTED]:~$ As far as I can tell, there is nothing wrong with this certificate. Ideas? You can retrieve the certificate from: http://www.gnu.org/software/gnutls/test-credentials/x509-ca.pem I'm using GnuPG 2.0.3. I don't know if it is relevant, but the list of 'Supported algorithms' seems rather short: [EMAIL PROTECTED]:~$ gpgsm --version gpgsm (GnuPG) 2.0.3 Copyright (C) 2007 Free Software Foundation, Inc. This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. See the file COPYING for details. Home: ~/.gnupg Supported algorithms: [EMAIL PROTECTED]:~$ /Simon _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users