Page MenuHome GnuPG

dirmngr: hkps connections should default to system trust if --hkp-cacert is not given
Open, NormalPublic


currently, if no --hkp-cacert option is provided, and the keyserver hostname is
anything but, no X.509 trust anchors are used,
which means that hkps connections from dirmngr must fail.

Instead, hkps connections from dirmngr should default to using system trust,
which could be overridden by setting hkp-cacert directly.

see initial discussion here:



Event Timeline

dkg set Version to 2.1.14.
dkg added a subscriber: dkg.