Page MenuHome GnuPG
Create Task
Maniphest T5760

Kleopatra hangs loading certificate cache on Windows 11
Closed, ResolvedPublic
Actions

Description

$ gpg --version
gpg (GnuPG) 2.3.4
libgcrypt 1.9.4
Copyright (C) 2021 g10 Code GmbH
License GNU GPL-3.0-or-later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: C:\Users\Jamin Collins\AppData\Roaming\gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
AEAD: EAX, OCB
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2

Initially, the following works fine from a command line:

gpg -K

Displaying the secret keys that are known.

However, attempting to open Kleopatra results in a perpetually spinning progress indicator with a label stating Loading certificate cache....

Once Kleopatra has been opened and the above indicator shown, it is no longer possible to list the secret keys from the command line gpg -K, the command hangs.

I am using a YubiKey 4 Nano, if that makes any difference.

Details

Version
4.0.0

Related Objects

Event Timeline

JaminCollins renamed this task from Kleopatra hangs ___ on Windows 11 to Kleopatra hangs loading certificate cache on Windows 11.Jan 6 2022, 10:45 PM
JaminCollins created this task.
JaminCollins added a comment.Jan 7 2022, 7:02 PM

Should also note that once the GUI is opened, GnuPG's smartcard deamon (32 bit) transitions to Very high power usage and appears stuck there, consuming a full logical core's worth of CPU time.

JaminCollins added a comment.Jan 7 2022, 7:09 PM

Downgraded the gnupg to 2.2.33 using this installer and I am now able to successfully open the Kleopatra GUI.

werner added a subscriber: werner.Jan 8 2022, 8:24 PM

See T5758. The workaround is not to set a reader-port.

werner closed this task as Resolved.Jan 20 2022, 8:41 AM
werner claimed this task.
bernhard added a subscriber: bernhard.EditedFeb 17 2022, 8:59 AM

In https://wald.intevation.org/forum/forum.php?thread_id=2395&forum_id=21&group_id=11 "Kim Nilsson on 2022-02-15 16:48" reports that

"suggested "workaround" to not set a smartcard port doesn't work for me.
Only thing that works is to force-kill the scdaemon."

exoosh added a subscriber: exoosh.Jun 28 2023, 11:01 AM

Thanks for the suggested workaround, I am going to try that. And thanks for pointing out this could be related to something like a Yubikey attached. Having the same symptoms as those described in T4581 and here.

I have found that sometimes after shutting down Kleopatra, the certificate cache will load very quickly the next time around when starting Kleopatra (without any other changes). But it's not a reliable workaround as sometimes it will still take its time or eventually never finish before I shutdown the machine.

PS: wanted to add that I do have two USB keys attached to one of the systems in question, both of which technically qualify as smart cards. One is a Feitian ePass Fido2 A4B USB, the other a Feitian Rockey2 or Rockey4ND.

assarbad mentioned this in T6623: Kleopatra hangs "Loading certificate cache" on Windows 10.Jul 29 2023, 10:40 PM