Re: S/MIME which certificate format

Fri, 06 Jun 2025 12:35:45 -0700 

Am 13.05.2025 um 15:32:56 Uhr schrieb Werner Koch:

> Takeaway is that we can handle an empty subject but that return an
> error.  I just fixed this for for master and 2.4.
> See https://dev.gnupg.org/T7171

I was able to import the certificate, but I still have issues importing
my private key (and only this).
Importing the public certificate is now working.

I was able to import it completely as p12 after exporting (backup) it
from Thunderbird.

Although, if I want to only import my private key (exported by
gpgsm with --export-secret-key-p8), I get an error with the
issuer check.

I cannot provide you the private key, maybe can you create your own
private key/cert/CA without a subject to test.

I am trying to import the stuff that I exported from gpgsm before.
I am using opensuse tumbleweed for testing.

m@ryz:~$ cat /tmp/gpg 
test@localhost:~> gpgsm --armor --export-secret-key-p8 0x520AB3F9 > gpg-priv-out
test@localhost:~> gpg ^C
test@localhost:~> gpgsm --delete-key 0xDAB9AD8E 0x520AB3F9 0x966573C5
test@localhost:~> gpgsm --delete-key 0x6CEE184C 0x64D8E349
test@localhost:~> gpgsm --list-keys
test@localhost:~> gpgsm --import gpg-priv-out 
gpgsm: no issuer found in certificate
gpgsm: Grundlegende Zertifikatprüfungen fehlgeschlagen - nicht importiert
gpgsm: no issuer found in certificate
gpgsm: Grundlegende Zertifikatprüfungen fehlgeschlagen - nicht importiert
gpgsm: ksba_cert_hash failed: Kein Wert
gpgsm: gesamte verarbeitete Anzahl: 2
gpgsm:                        nicht importiert: 2
[GNUPG:] FAILURE gpgsm-exit 50331649
test@localhost:~> gpgsm --version
gpgsm (GnuPG) 2.5.7
libgcrypt 1.11.1
libksba 1.6.7
Copyright (C) 2025 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
 
Home: /home/test/.gnupg
Unterstützte Verfahren:
Cipher: 3DES, AES128, AES192, AES256, SERPENT128, SERPENT192, SERPENT256, SEED, 
CAMELLIA128, CAMELLIA192, CAMELLIA256
Pubkey: RSA, ECC, ECC
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224, WHIRLPOOL
test@localhost:~>
m@ryz:~$ 
 
Is there still an issue or do I use it wrong?

-- 
Gruß
Marco

Send unsolicited bulk mail to [email protected]

Attachment: pgpVG4oTY2rzy.pgp
Description: OpenPGP digital signature

_______________________________________________
Gnupg-users mailing list
[email protected]
https://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to