gpg2 --refresh-keys general error
Or am I missing something in ~./gnupg/dirmngr.conf?
For me the following fixed it:
$ echo "hkp-cacert /usr/share/gnupg/sks-keyservers.netCA.pem" >> ~/.gnupg/dirmngr.conf
The documentation says that if hkp-cacert
isn't specified it uses the system certificate store for regular hostnames and the the bundled certificate for the default keyserver pool.
$ gpg --search-keys 0B7F8B60E3EDFAE3
gpg: error searching keyserver: General error
gpg: keyserver search failed: General error
$ echo "hkp-cacert /usr/share/gnupg/sks-keyservers.netCA.pem" >> ~/.gnupg/dirmngr.conf
$ systemctl --user stop dirmngr.service # or restart manually, this assumes socket activation
$ gpg --search-keys 0B7F8B60E3EDFAE3
gpg: data source: https://hkps.pool.sks-keyservers.net:443
(1) Kristian Fiskerstrand <[email protected]>
Kristian Fiskerstrand <[email protected]>
Kristian Fiskerstrand <[email protected]>
Kristian Fiskerstrand <[email protected]>
4096 bit RSA key 0B7F8B60E3EDFAE3, created: 2007-12-15, expires: 2020-12-31
...
$ gpg --version
gpg (GnuPG) 2.2.21
Encountered this on 3 machines and it fixed it on 2 machines (Ubuntu Docker and Arch Linux) and the third Arch machine never worked with hkps, only hkp. Despite having the same version of gnupg, no strange configs in ~/gnupg.conf
, and on the same network.
Seems that just specifying keyserver pgp.mit.edu
in gnupg.conf
also fixes it by dropping to the hkp protocol
Pool overview: https://sks-keyservers.net/overview-of-pools.php