diff options
| author | Werner Koch <[email protected]> | 2019-11-18 17:23:04 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2019-11-18 17:26:55 +0000 |
| commit | d9c7935188483dae381c12e7eef19072bbade4b3 (patch) | |
| tree | ef9db43e7de0a46eec8216d173cfc53ab76b79ff /dirmngr/t-ldap-parse-uri.c | |
| parent | dirmngr: Forward http redirect warnings to gpg. (diff) | |
| download | gnupg-d9c7935188483dae381c12e7eef19072bbade4b3.tar.gz gnupg-d9c7935188483dae381c12e7eef19072bbade4b3.zip | |
dirmngr,gpg: Better diagnostic in case of bad TLS certificates.
* doc/DETAILS: Specify new status code "NOTE".
* dirmngr/ks-engine-http.c (ks_http_fetch): Print a NOTE status for a
bad TLS certificate.
* g10/call-dirmngr.c (ks_status_cb): Detect this status.
--
For example a
gpg -v --locate-external-keys [email protected]
now yields
gpg: Note: server uses an invalid certificate
gpg: (further info: bad cert for 'posteo.net': \
Hostname does not match the certificate)
gpg: error retrieving '[email protected]' via WKD: Wrong name
gpg: error reading key: Wrong name
(without -v the "further info" line is not shown). Note that even
after years Posteo is not able to provide a valid certificate for
their .net addresses. Anyway, this help to show the feature.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'dirmngr/t-ldap-parse-uri.c')
0 files changed, 0 insertions, 0 deletions