Description of problem: Dirmngr does not report HKPS support and `gpg2 --refresh-keys` fails when using a HKPS keyserver. Version-Release number of selected component (if applicable): Name : gnupg2 Arch : x86_64 Epoch : 0 Version : 2.1.4 Release : 1.fc22 Size : 6.9 M Repo : @System From repo : updates-testing How reproducible: Configure gpg2 to use an HKPS server and attempt to refresh keys. Steps to Reproduce: 1. Configure gpg2 to use an HKPS server. Instructions: https://sks-keyservers.net/overview-of-pools.php#pool_hkps 2. Attempt to refresh your keyring: `gpg2 --refresh-keys` Actual results: $ gpg2 --refresh-keys gpg: refreshing 8 keys from hkps://hkps.pool.sks-keyservers.net gpg: keyserver refresh failed: No keyserver available $ dirmngr dirmngr[574.0]: error opening '/home/gtank/.gnupg/dirmngr_ldapservers.conf': No such file or directory dirmngr[574.0]: permanently loaded certificates: 0 dirmngr[574.0]: runtime cached certificates: 0 # Home: ~/.gnupg # Config: /home/gtank/.gnupg/dirmngr.conf OK Dirmngr 2.1.4 at your service KEYSERVER --help S # Known schemata: S # hkp S # http S # finger S # kdns S # ldap S # (Use an URL for engine specific help.) OK Expected results: gpg2 should be able to contact keyserver and dirmngr should report an hkps schema. Additional info: This is possibly because dirmngr was not compiled with gnutls support. See http://www.gossamer-threads.com/lists/gnupg/users/69755#69755
Unfortunately this cannot be added to Fedora 22 as the gnutls would pull trousers, systemd and multiple other packages into mock buildroot and other limited root installs.
After spending the best part of a day trying to figure out why HKPS support wouldn't work - and finally coming across this bug report, I'm a bit confused at the closing reason. Are you saying that this can't be built in mock due to dependencies? or its too hard? or something else?
Yes, this can't be built in mock due to dependencies. The trousers package would first have to be split in already released Fedora 22 and that is something we do not want to do as it could cause unwanted dependency issues for people that use trousers. So you will have to wait to Fedora 23 for the HKPS support.
*** Bug 1241984 has been marked as a duplicate of this bug. ***
*** Bug 1287052 has been marked as a duplicate of this bug. ***