192104 – Kleopatra does not import X.509 certificates if GPG Agent is not configured to allow clients to mark keys as trusted

Bug 192104 - Kleopatra does not import X.509 certificates if GPG Agent is not configured to allow clients to mark keys as trusted

Summary: Kleopatra does not import X.509 certificates if GPG Agent is not configured t...

Status:	RESOLVED UPSTREAM

Alias:	None

Product:	kleopatra
Classification:	Applications
Component:	general (show other bugs)
Version:	2.0.8
Platform:	unspecified Linux

Importance:	NOR normal
Target Milestone:	---
Assignee:	Marc Mutz

URL:
Keywords:

Depends on:
Blocks:

Reported:	2009-05-09 09:59 UTC by schmirrwurst
Modified:	2013-05-08 09:00 UTC (History)
CC List:	8 users (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description schmirrwurst 2009-05-09 09:59:34 UTC

Version:           2.0.5 (using 4.2.3 (KDE 4.2.3), Kubuntu packages)
Compiler:          cc
OS:                Linux (x86_64) release 2.6.28-11-generic

When I try to import a x.509 certificate, I got the message not supported by this version of kleopatra...
On kdeapps, kleopatra is supposed to support those certificates even before version 2...

Comment 1 Elias Probst 2009-08-13 10:36:28 UTC

Same issue here - when trying to import an X.509 cert I just see a messagebox: "The type of this certificate (X.509) is not supported by this Kleopatra installation."

I wonder whether this happens due to missing compile time dependencies on Gentoo.

Investigating further here and will update, if I find out something more.

Comment 2 Roland Wolters 2009-10-30 12:31:04 UTC

Same happens here on Kubuntu 9.10.

Comment 3 Jan Schaefer 2010-04-27 06:46:11 UTC

I had the same problems under Kubuntu. The message was gone after I did the following:

1. Open Kleopatra
2. Go to Settings -> Configure Kleopatra...
3. Open "GnuPG System" page
4. Open "GPG Agent" tab
5. Set "Allow clients to mark keys as 'trusted'"
6. Klick "OK"

After that it it worked for me.

Nevertheless, the error message is completely wrong, in this case, as Kleopatra actually supports X.509 certificates, but it just requires the right from the GPG Agent to trust certificates. Interestingly, the "Self-Check" of Kleopatra was completely green before. Perhaps there should be an additional test that checks this issue.

Comment 4 Jan Schaefer 2010-04-27 06:49:54 UTC

I changed the title of the bug accordingly

Comment 5 Florent C. 2010-05-09 13:18:53 UTC

Hi,

I can't import X.509 neither. The problem remains the same when I check "Allow clients to mark keys as 'trusted'".

Kleopatra 2.0.12
Kubuntu 10.04

Comment 6 Alexey Neyman 2010-06-29 07:12:52 UTC

Could this bug be confirmed?

I also see the same issue: Kleopatra fails to import X.509 certificate ("This type of certificate (X.509) is not supported in this Kleopatra installation"). Suggested workaround (checking "allow clients to mark...") does not help.

Kubuntu 10.04, Kleopatra 2.0.12.

Comment 7 Alexey Neyman 2010-06-29 07:28:37 UTC

I don't know if it helps: the same certificate can be imported by "gpgsm --import"; it then is printed by "gpgsm -k". However, kleopatra does not show it even after import to gpgsm.

I thought kleopatra is just a frontend for GPG - why it cannot import the same certificate that gpgsm can?

Comment 8 Roland Wolters 2010-07-03 00:43:16 UTC

For me the import via gpgsm worked. However, note that it does not work when you change the password: there is an evil bug in gpgsm currently which prevents you to change the password.
http://marc.info/?l=gnupg-users&m=126451730710129&w=2

After installing a patched version in Kubuntu everything worked fine.

Comment 9 Andre Heinecke 2013-05-08 09:00:14 UTC

This also works fine for me with gpgsm 2.0.19 and kleopatra from KDE 4.10 As the last comment also says this worked and there were no comments in over two Years i guess this was fixed upstream in gpg.