How to add an e-mail address to an existing public key using key mapping

To add more email addresses to your own key, please refer to KB-article


In some cases, adding an Email address to an existing public key becomes necessary. For example when you have a public key of an old friend but by now, your friend uses another Email address. You still want to send an encrypted message, but even after refreshing the key from the key servers, you don't find the new Email address in his key.

Add Email address to existing public key

  1. open Terminal
  2. copy / paste the following command
    defaults write org.gpgtools.common KeyMapping -dict-add 'email' fingerprint (fingerprint must not contain any spaces)
  3. replace Email and fingerprint with the according values
  4. to verify if the key mapping did work enter
    defaults read org.gpgtools.common KeyMapping

If you also want to specify a domain please instead use the following command

defaults write org.gpgtools.common KeyMapping -dict-add *@domain.com fingerprint

Replace Email and fingerprint with the appropriate info (fingerprint must not contain any spaces)

Restart Mail.app to ensure the changes will be reflected. Note: this change will not be visible in GPG Keychain, nonetheless you are now able to encrypt to the new Email address using the old key.

Remove mapping

  1. open new finder window
  2. press shift + cmd + g and paste
    ~/Library/Preferences/org.gpgtools.common.plist
  3. edit the file to remove specific mappings or delete the file to remove all mapping

See also

  • How to use the group feature to encrypt content to multiple public keys by using a single address