Bug 267808

Summary: Cannot "Trust Root Certificate" of my X.509 cert.
Product: [Applications] kleopatra Reporter: rob
Component: generalAssignee: Emanuel Schütze <emanuel>
Status: RESOLVED WORKSFORME    
Severity: normal CC: aheinecke, emanuel, mutz, rob
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Microsoft Windows   
OS: Microsoft Windows   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description rob 2011-03-06 18:04:35 UTC 
Version:           unspecified (using KDE 1.2) 
OS:                MS Windows

Can't seem to tell Kleopatra or GPG to trust my CA.

Reproducible: Always

Steps to Reproduce:
Imported my 4096-bit RSA cert with secret key successfully.

Had to import Root Cert and Class 1 Primary Intermediate Cert too to get chain to appear properly.

Opened "My Certificates" tab.

Right clicked my root CA and selected "Trust Root Certificate".

Actual Results:  
No change - neither the Trusted Certificates nor the Trusted Root Certificate views change, even after reboot.

Expected Results:  
"Trusted Root Certificate" tab now lists my CA.

My X.509 certificate is listed under "Trusted Certificates" tab.

OS: Microsoft Windows (unknown) release 6.1
Compiler: i586-mingw32msvc-gcc
Comment 1 rob 2011-03-06 18:06:52 UTC 
Kleopatra version 2.1.0 (option wasn't available in bug reporting tool).
KDE version 4.1.4.
Comment 2 Andre Heinecke 2013-05-08 09:11:19 UTC 
In your settings-> Configure Kleopatra ->S/MIME Validation. There is an option for "Allow to mark root certificates as trusted"
This is more of a usability thing then a bug in kleopatra.

Emanuel: Is this still neccessary in gpg4win 2.1.0 ? If not I think we can mark this bug as resolved.
Comment 3 Emanuel Schütze 2013-06-24 15:35:10 UTC 
In Kleopatra 2.1.1 (of Gpg4win 2.1.1) "allow mark trusted" option is enabled by default. So Kleo ask for trust after importing new root certificates and write fingerprint into users' trustlist.txt. 
Works for me without problems.