This ticket is now obsolete, as we will force the setting of autoencryptUntrusted=0 via the registry in Ticket T8090
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Fri, Feb 13
Thu, Feb 12
Thu, Feb 5
This ticket is only for ignoring the autoencryptUntrusted setting. For the gpgolconfig.exe part see T8090
It looks like we get a specific "Invalid public key algorithm" error from gpgme so that we can add helpful information with likely reasons to the error message.
I might add that we recently had a customer support contact where they had that error and asked how they could make using their S/MIME certificates work.
Wed, Feb 4
Backported for VSD 3.4
Fixed. Kleopatra now looks for programs given as plain name (i.e. without any path) first in the GnuPG installation path (as reported by gpgme) and then next to the kleopatra executable. If the program is found at neither location it is run as-is.
Tue, Feb 3
a) Here's a log anyway (ignore it, if decryption does always work):
We'll go with solution no 2 (which is in effect the same as no 1 anyway)
Mon, Feb 2
a) "Prefer S/MIME" only applies to encryption, not decryption. If you do not want to decrypt with GpgOL you have to disable S/MIME in GpgOL.
Backported for VSD 3.4
Done. Example (with default text in English and German translation):
[Welcome] welcome-text[$i]=<h2>Hello, World!</h2> welcome-text[$i][de]=<h2>Hallo, Welt!</h2>
Wed, Jan 21
Jan 13 2026
Jan 9 2026
testing with 2.5/2.6 will wait for special build
Given that the 2.2 fix has been tested and resolved and we don't have another ticket for 2.6, we can close this one.
Jan 8 2026
Dec 23 2025
works in Gpg4win-5.0.0-beta476
If no logging is running in the background (that's something that often trips me…) on consecutive runs:
Dec 12 2025
Dec 10 2025
Indeed. We would need to add different entries to the context menu for each installation. Given that GpgEX needs to be replaced anyway and we will drop the need for a UI server socket (which is anyway only a trigger and no full communication).
Dec 9 2025
Dec 3 2025
Fixed and backported for VSD 3.4.
Ranking as discussed with @ebo
Dec 2 2025
The root cause is that opening the details reloads the certificate. This triggers a change of the key cache. And that triggers are reload of the group.
This also happens in vsd 3.3.2 and gpg4win-5.0.0-beta413 @ win11
Nov 27 2025
Ok, then this is only an issue in the VSD versions. (I confirmed with a quick test with Gpg4win-5.0.0-beta413)
Nov 26 2025
It would be possible as a workaround in Kleopatra to show any identical entries only once. Saving after that will not add any more entries.
Good catch. My guess is that get_uid_for_sender returns the last matching UID without checking for revocations. The matching was done on the mailbox part only. For reference:
Nov 25 2025
This seems to apply only for non vsd compliant algos. Importing and certifying a
- rsa/brainpool cert results in security level 4
- cv25519 cert results in security level 2
I rechecked: the revoked userid has to match the email address of the sender. Still there's another non revoked userid with the same email address:
Do you mean one of the user-ids has been revoked or the one matching the mail sender?
Nov 24 2025
Best test this with a newer installer than gpg4win-5.0.0-beta413 to avoid the regression with the raw HTML (see T7886#208675).
Nov 19 2025
Nov 18 2025
Nov 17 2025
The error dialog now has a button to show the audit log (named Diagnostics).
Nov 14 2025
@werner sees no reason to define a new status error for everything in gpg. So let's stick with this Kleopatra ticket and adding the "Audit Log"/"Diagnostics" button.
Nov 13 2025
Conclusion: gpg needs to emit a more useful status error. -> subticket
gpgme logs:
2025-11-13 11:22:26 gpgme[28014.6de1] _gpgme_io_read: check: [GNUPG:] KEY_NOT_CREATED <LF> 2025-11-13 11:22:26 gpgme[28014.6de1] _gpgme_io_read: check: [GNUPG:] FAILURE gpg-exit 33554433<LF>
where 33554433 means (GPG_ERR_SOURCE_GPG, GPG_ERR_GENERAL) = (GnuPG, General error)
For Kleopatra we need to add an "Audit log" button to the error dialog. And we need to check if gpg is giving us a useful error that we (gpgme) are ignoring or if gpg doesn't throw a useful error. What do the gpgme logs say?
meanwhile it looks like this in Kleopatra, it has now the blue sign but the issue is still the same:
what do we want here? "No public key" would be better that "General error" but then we would still have the same issue as here: T7886: Kleopatra: Enhance error on missing subkey, if set by default-new-key-adsk.
Nov 12 2025
Nov 10 2025
Nov 6 2025
This here is resolved, for timegrids findings see other ticket, the issue is not related to the one from this ticket and no regression, as it turned out. And difficult to trigger.
Nov 5 2025
In T7911#207826, @timegrid wrote:So, for the current vsd docs (3.3): https://gnupg.com/vsd/kleopatra-settings.html
This would be more correct, if i understood it right?HKEY_LOCAL_MACHINE\Software\Wow6432node\GNU\Kleopatra HKEY_CURRENT_USER\Software\Wow6432node\GNU\Kleopatra
