Page MenuHome GnuPG
Create Task
Maniphest T7772

Kleopatra: Config option - only allow upload of certificates with private key to LDAP keyserver
Testing, NormalPublic
Actions

Description

Only users with the secret key for the certificate should be able to upload certificates to an LDAP keyserver.
This should be activatable via a configuration option (i.e. a registry setting in Windows).

In Kleopatra the option to upload will be greyed out for public keys if the option is set.

This does not affect the capabilities of the command line.

Revisions and Commits

rKLEOPATRA Kleopatra
rKLEOPATRAbed77c838ec2 Add config option for disabling upload of public third-party keys
rKLEOPATRA711daad6fc94 Add config option for disabling upload of public third-party keys

Event Timeline

alexk created this task.Aug 10 2025, 3:32 PM
alexk added projects: vsd34, gpd5x.Aug 10 2025, 4:34 PM
alexk mentioned this in Unknown Object (Maniphest Task).Aug 11 2025, 10:23 AM
ikloecker renamed this task from Kleopatra: Config option - only allow upload of ceritificates with private key to LDAP keyserver to Kleopatra: Config option - only allow upload of certificates with private key to LDAP keyserver.Aug 11 2025, 11:19 AM
ebo triaged this task as Normal priority.Aug 13 2025, 1:56 PM
ebo updated the task description. (Show Details)Nov 26 2025, 3:44 PM
ikloecker claimed this task.Tue, Jan 6, 9:14 AM
ikloecker moved this task from Backlog to WIP on the gpd5x board.
ikloecker added a commit: rKLEOPATRA711daad6fc94: Add config option for disabling upload of public third-party keys.Tue, Jan 6, 9:55 AM
ikloecker added a comment.Tue, Jan 6, 9:58 AM

The option

[Export]
AllowPublicKeyUpload=true

has been added. If this option is disabled (i.e. set to false) then Kleopatra only allows the upload of OpenPGP keys for which the user has the secret key.

ikloecker added a commit: rKLEOPATRAbed77c838ec2: Add config option for disabling upload of public third-party keys.Tue, Jan 6, 10:01 AM
ikloecker changed the task status from Open to Testing.Tue, Jan 6, 10:02 AM
ikloecker moved this task from Backlog to WIP on the vsd34 board.

Backported for VSD 3.4

ikloecker mentioned this in Unknown Object (Maniphest Task).Mon, Jan 12, 9:59 AM