Can't use local mailvelope keyserver

T. Initus's Avatar

T. Initus

27 Aug, 2019 10:32 PM


I configured a local mailvelope keyserver, which works well if queried manually using hkps:

openssl s_client -connect
GET /pks/lookup?op=get&keyId=0xabcdef1234567890&options=mr

However when using gpgtools/GPG Keychain and setting the keyserver there to, all I get is "bad server".

When observing traffic with Wireshark, i notice the ssl connection being terminated right after the key exchange.

I've tried to run a "fake" ssl server using openssl s_server on port 443, but all I get is the same behaviour.

Using: GPG Suite 2019.1 2542n, GPG Kychain 1.5 1579n

  1. 1 Posted by T. Initus on 27 Aug, 2019 10:34 PM

    T. Initus's Avatar

    Since there were these automated suggestions: There is no firewall issue, since openssl is able to connect.

  2. 2 Posted by T. Initus on 28 Aug, 2019 07:05 AM

    T. Initus's Avatar

    I however have the impression it is unlikely to be a certificate issue either, since:

    $ /usr/local/MacGPG2/bin/dirmngr -vvvv --no-detach (...) dirmngr[2891.0]: Vertrauenswürdiges Zertifikat `/Users/t/keyserver.pem' wurde geladen
    (...) OK Dirmngr 2.2.17 at your service
    KEYSERVER hkps://
    KS_GET (fingerprint)
    dirmngr[2891.0]: resolve_dns_addr for '': '' [already known]
    (...) OK

    works just fine and as expected.

  3. Support Staff 3 Posted by Luke Le on 17 Sep, 2019 12:49 PM

    Luke Le's Avatar

    Hmm... kannst du bitte mal debug logging aktivieren für dirmngr:

    echo "debug-level guru" >> ~/.gnupg/dirmngr.conf
    echo "debug-all" >> ~/.gnupg/dirmngr.conf
    echo "log-file /tmp/dirmngr.log" >> ~/.gnupg/dirmngr.conf
    killall dirmngr

    Dann einen versuch in GPG Keychain ausführen den keyserver zu switchen und /tmp/dirmngr.log hier anhängen.


  4. Steve closed this discussion on 15 Dec, 2019 01:56 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac