Can't use local mailvelope keyserver
Hi,
I configured a local mailvelope keyserver, which works well if queried manually using hkps:
openssl s_client -connect 192.0.2.15:443
GET /pks/lookup?op=get&keyId=0xabcdef1234567890&options=mr
However when using gpgtools/GPG Keychain and setting the keyserver there to 192.0.2.15, all I get is "bad server".
When observing traffic with Wireshark, i notice the ssl connection being terminated right after the key exchange.
I've tried to run a "fake" ssl server using openssl s_server on port 443, but all I get is the same behaviour.
Using: GPG Suite 2019.1 2542n, GPG Kychain 1.5 1579n
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
1 Posted by T. Initus on 27 Aug, 2019 10:34 PM
Since there were these automated suggestions: There is no firewall issue, since openssl is able to connect.
2 Posted by T. Initus on 28 Aug, 2019 07:05 AM
I however have the impression it is unlikely to be a certificate issue either, since:
$ /usr/local/MacGPG2/bin/dirmngr -vvvv --no-detach (...) dirmngr[2891.0]: Vertrauenswürdiges Zertifikat `/Users/t/keyserver.pem' wurde geladen
(...) OK Dirmngr 2.2.17 at your service
KEYSERVER hkps://keyserver.example.org
OK
KS_GET (fingerprint)
dirmngr[2891.0]: resolve_dns_addr for 'keyserver.example.org': 'keyserver.example.org' [already known]
S SOURCE https://keyserver.example.org:443
(...) OK
works just fine and as expected.
Support Staff 3 Posted by Luke Le on 17 Sep, 2019 12:49 PM
Hmm... kannst du bitte mal debug logging aktivieren für dirmngr:
echo "debug-level guru" >> ~/.gnupg/dirmngr.conf
echo "debug-all" >> ~/.gnupg/dirmngr.conf
echo "log-file /tmp/dirmngr.log" >> ~/.gnupg/dirmngr.conf
killall dirmngr
Dann einen versuch in GPG Keychain ausführen den keyserver zu switchen und /tmp/dirmngr.log hier anhängen.
Danke!
Steve closed this discussion on 15 Dec, 2019 01:56 PM.