Choosing the filter for Qualified Electronic Signature results in listing of no certificates at all, although my testkeyring should have had two of those.
While on the test card the key information might be wrong, the other one was a real card for QES.
Description
Description
Details
Details
- Version
- Gpg4win-Beta-75++
Event Timeline
Comment Actions
It works, technically.
But for this to work you have to put the keyword "qual" at the end of the line of the system trustlist.txt file, the user trustlist.txt won't work. Example line:
90C6136C7DEFEFE97CC764F9D2678EAD03E55296 S relax qual
(path to the system trustlist.txt on Windows should be: C:\ProgramData\GNU\etc\gnupg)
See the paragraph about trustlist.txt in the manpage of gpg-agent: https:/www.gnupg.org/documentation/manuals/gnupg24/gpg-agent.1.html
Unfortunately there does not exist a list of CAs that are allowed to officially issue QES certificates…
We should write a HOWTO or something on how to configure this for oneself.