Relative path in configuration file

Nessuna risposta
amuza
Offline
Iscritto: 02/12/2018

Hi,

I already asked about this at the GnuPG users mailing list [0], but as I did not get a solution, I am trying here.

I have two Trisquel 8 computers syncing their ~/.gnupg directories.
"alice" is my username in one computer, "bob" is my username in the other one.

I have a CA certificate stored in my home directory of both computers, and would like to keep it there.

GnuPG works ok with the certificate at Alice's computer if I edit its ~/.gnupg/gpg.conf file and write:

keyserver-options ca-cert-file=/home/alice/keyserverCA.pem

And GnuPG works ok with the certificate at Bob's computer if I edit its ~/.gnupg/gpg.conf file and write:

keyserver-options ca-cert-file=/home/bob/keyserversCA.pem

The problem is, by specifying usernames alice and bob, when syncing, that line won't work anymore in one of the two computers because it username won't match the home directory.

In order to solve it, I have been editing ~/.gnupg/gpg.conf file, in several ways:

(0)
keyserver-options ca-cert-file=~/keyserverCA.pem

(1)
keyserver-options ca-cert-file=../keyserversCA.pem

(2)
keyserver-options ca-cert-file=$HOME/keyserverCA.pem

(3)
keyserver-options ca-cert-file="$HOME/keyserverCA.pem"

(4)
Then I created a symbolic link and did:
keyserver-options ca-cert-file=symlink_to_home/keyserversCA.pem

(5)
Then I tried by moving the certificate into ~/.gnupg/ and then tried:
keyserver-options ca-cert-file=keyserverCA.pem

(6) and
keyserver-options ca-cert-file=./keyserverCA.pem

None of them works. If I try, for instance, gpg --search-keys user at domain.tld, I get the following:

gpg: searching for "user at domain.tld" from hkps server hkps.foo.tld
gpgkeys: HTTP search error 77:
gpg: key "user at domain.tld" not found on keyserver
gpg: keyserver internal error
gpg: keyserver search failed: keyserver error

However, everything works fine if I set the full path.

Any suggestion?

Thanks!

[0] https://lists.gnupg.org/pipermail/gnupg-users/2019-February/061645.html
keyserver-options ca-cert-file=./keyserverCA.pem