GPG Keychain: Key Revoke / un-Revoke

dza's Avatar


08 Jan, 2019 09:40 AM


I have been using a key for some time and gradually added email addresses to it. I now no longer have access to the ‘Primary’ email address and was trying to remove that email and add a new work one. I ran into trouble and couldn’t seem to change the ‘Primary’. Instead, I decided to try revoking the key and then re-adding only my active email addresses.

Now that I’ve done this it is allowing me to ‘remove’ the defunct email address after all. Is there a way to undo the ‘revoke certificate’ and just remove the dead one? What’s the best way to proceed?


I was hoping to remove a dead email and add a live one.

Additional info
I have revoked the key, and should probably not have done this: can I un-revoke it?

macOS                   10.13.6     17G4015
GPG Suite               2018.1      2083    (9658b70)
GPGMail                 3.0b4       1272    (461cda15)
GPG Keychain            1.4.2       1403    (128637e)
GPGServices             1.11.2      969     (e5438f7)
MacGPG                  2.2.3       900     (cead4f9)
GPG Suite Preferences   2.1.1       993     (05eb1a6)
Libmacgpg               0.8.2       829     (943132e)
pinentry           9       (db18340)
  1. Support Staff 1 Posted by Steve on 16 Jan, 2019 05:30 PM

    Steve's Avatar

    Hi dza,

    welcome to the GPGTools support platform. Sorry you are having problems using GPG Suite.

    There's no way to unrevoke your key. Make sure to keep it in GPG Keychain as you can use it to decrypt messages encrypted with it's public key part.

    I would suggest to craete a new key with the email addresses you are looking to use. And make sure the old revoked key is also in revoked state on the key servers if the key resides there.

    This KB-article explains how to add more than one email address to an existing key. The email addresses in a key are called userIDs and you can add as many as you want. You can of course also create an additional key for the other email address.

    Important note: Note that all email addresses you add to a single key can be connected to one identity. Depending on your use-case this might be wanted or should be avoided. Please consider that first and then proceed.

    The steps if you need to remove and add a user ID later would be to revoke just the single user ID you do not want to use any longer and add new user IDs as needed. You can then select which user ID to make your primary by right clicking on any user ID in the user IDs tab and then selecting "Primary".

    All the best,

  2. 2 Posted by dza on 17 Jan, 2019 02:27 PM

    dza's Avatar


  3. Steve closed this discussion on 23 Jan, 2019 05:33 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac