#146 ✓released
Luke Le

Check system CA's if cacert file doesn't include a valid CA for a hkps keyserver

Reported by Luke Le | December 13th, 2014 @ 10:48 PM | in 2.0.26b3 (closed)

Curl is by default not telling gnutls to lookup OS X keychain for a valid CA when connecting to a keyserver.
Our patch adds this functionality if there's no ca-cert file specifically specified in gpg.conf
If there is a ca-cert file specified, only that will be checked for valid CAs.

Also, to support hkps connections to the sks-keyservers without additional configuration, macgpg2 bundles the CA cert file for sks-keyservers and curl uses that one by default.

Comments and changes to this ticket

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

New-ticket Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป

Shared Ticket Bins

People watching this ticket