* gpgsm, certificate expired, different certificate, epa does not encrypt
@ 2013-12-18 10:25 Uwe Brauer
2013-12-18 17:28 ` [SOLVED] (was: gpgsm, certificate expired, different certificate, epa does not encrypt) Uwe Brauer
0 siblings, 1 reply; 2+ messages in thread
From: Uwe Brauer @ 2013-12-18 10:25 UTC (permalink / raw)
To: ding; +Cc: Daiki Ueno
[-- Attachment #1.1: Type: text/plain, Size: 570 bytes --]
Hello
I have several email accounts with different (comodo certificates).
Now one certificate for the address address1@gmail.com has expired.
However I want to send an email from address2 (whose certificate is
*not* expired) to a recipient.
However when I try to encrypt this message, it does not work.
I obtain an error message,
whose epa bug trace I attach. It is not clear to me, who is the culprit,
epa or gpgsm.
But I consider this is a BUG, I don't want to use the expired
certificate but one which is not expired.
thanks
Uwe Brauer
[-- Attachment #1.2: gpg-experied --]
[-- Type: text/plain, Size: 3504 bytes --]
gpgsm --no-tty --status-fd 1 --yes --output /tmp/oub/epg-outputR_HIIF --detach-sign -u F69E1EFB6147C786
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: CRLs not checked due to --disable-crl-checks option
gpgsm: certificate has expired
gpgsm: (expired at 2013-12-16 23:59:59)
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: CRLs not checked due to --disable-crl-checks option
gpgsm: NOTE: won't be able to encrypt to `<burrurr@gmail.com>': Certificate expired
gpgsm: DBG: adding certificates at level -1
[GNUPG:] SIG_CREATED D 1 2 00 20131218T101015 AF791B3AE3CCA0A1A9575730F69E1EFB6147C786
gpgsm: signature created
gpgsm --no-tty --status-fd 1 --yes --output /tmp/oub/epg-outputR_HVSL --encrypt -r 768D0C6F306269A7 -r F69E1EFB6147C786
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: CRLs not checked due to --disable-crl-checks option
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: CRLs not checked due to --disable-crl-checks option
gpgsm: certificate has expired
gpgsm: (expired at 2013-12-16 23:59:59)
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: CRLs not checked due to --disable-crl-checks option
gpgsm: can't encrypt to `<burrurr@gmail.com>': Certificate expired
[GNUPG:] INV_RECP 5 <burrurr@gmail.com>
gpgsm --no-tty --status-fd 1 --yes --output /tmp/oub/epg-outputR_HicR --detach-sign -u F69E1EFB6147C786
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: CRLs not checked due to --disable-crl-checks option
gpgsm: certificate has expired
gpgsm: (expired at 2013-12-16 23:59:59)
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: CRLs not checked due to --disable-crl-checks option
gpgsm: NOTE: won't be able to encrypt to `<burrurr@gmail.com>': Certificate expired
gpgsm: DBG: adding certificates at level -1
[GNUPG:] SIG_CREATED D 1 2 00 20131218T101051 AF791B3AE3CCA0A1A9575730F69E1EFB6147C786
gpgsm: signature created
gpgsm --no-tty --status-fd 1 --yes --output /tmp/oub/epg-outputR_HvmX --encrypt -r F69E1EFB6147C786 -r F69E1EFB6147C786
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: CRLs not checked due to --disable-crl-checks option
gpgsm: certificate has expired
gpgsm: (expired at 2013-12-16 23:59:59)
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: note: non-critical certificate policy not allowed
gpgsm: CRLs not checked due to --disable-crl-checks option
gpgsm: can't encrypt to `<burrurr@gmail.com>': Certificate expired
[GNUPG:] INV_RECP 5 <burrurr@gmail.com>
[-- Attachment #2: smime.p7s --]
[-- Type: application/pkcs7-signature, Size: 5556 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
* [SOLVED] (was: gpgsm, certificate expired, different certificate, epa does not encrypt)
2013-12-18 10:25 gpgsm, certificate expired, different certificate, epa does not encrypt Uwe Brauer
@ 2013-12-18 17:28 ` Uwe Brauer
0 siblings, 0 replies; 2+ messages in thread
From: Uwe Brauer @ 2013-12-18 17:28 UTC (permalink / raw)
To: ding; +Cc: Daiki Ueno
[-- Attachment #1: Type: text/plain, Size: 341 bytes --]
>> "Uwe" == Uwe Brauer <oub@mat.ucm.es> writes:
> Hello
> I have several email accounts with different (comodo certificates).
> Now one certificate for the address address1@gmail.com has expired.
Sorry, I found the culprit, I had the line
encrypt-to <address1@gmail.com>
in my gpgsm.conf file
thanks
Uwe Brauer
[-- Attachment #2: smime.p7s --]
[-- Type: application/pkcs7-signature, Size: 5556 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2013-12-18 17:28 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-12-18 10:25 gpgsm, certificate expired, different certificate, epa does not encrypt Uwe Brauer
2013-12-18 17:28 ` [SOLVED] (was: gpgsm, certificate expired, different certificate, epa does not encrypt) Uwe Brauer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).