Page MenuHome GnuPG

Please provide an option to test the LDAP keyserver connection
Open, WishlistPublic

Description

Let's make that idea discussed earlier an official task ...

Stating the obvious: Configuring LDAP keyserver connection is error-prone. A simple typo in the long string of server, port, ou, password etc. will break operation.

That part cannot be changed as it's in the nature of LDAP. But Kleopatra should ease the job by providing a way to test a configured LDAP connection immediately. So that would be a "Test Connection" button that triggers an action fairly similar to ldapwhoiami. In my opinion this provides a great convenience in that fairly awkward area.

Another way to ease configuration was to configure the connection through separate input boxes for the components of that URL, I think this is already being worked on. Although I'd appreciate if Kleopatra could still accept a single URL and do the parsing, preferably using the ldap_url_parse function of libldap.

Event Timeline

cbiedl triaged this task as Wishlist priority.Wed, May 26, 11:34 AM
cbiedl created this task.

You can easily do this with gpg-connect-agent

gpg-connect-agent --dirmngr
> ks_search foo@example.org

Use HELP and HELP <command> to get online help. KEYSERVER has several options and used withou options it lists the used keyservers. You may use

keyserver --clear ldap://foo....

to set a new keyserver for the session. With 2.2.28 the LDAPSERVER command oes also allow tolist configured servers. etc. Isn't this sufficient as test tool? Of course you should enable debug options and use watchgnupg
to see what is going on behind the scenes. For a quick test you may also

dirmngr --server --verbose --debug whaever --log-file -

and enter the commands (but w/o readline support).

Yeah, but cbiedl's issue is about something like that in Kleopatra for "users".

This could be for example a green checkmark next to the keyserver after a configuration change to indicate that the connection worked. This gets more important for our commercial users with restricted networks etc. where they might need proxy settings and so on.

Yes. This is not a backend issue. Kleopatra can determine if it has connection to the keyserver but the issue is about that Kleopatra should determine that and indicate that.