Needless to say that
gpgsm --list-secret-keys just returns
C:\Users\myusername\AppData\Roaming\gnupg\pubring.kbx
So the point is, I caannot figure out how to decrypt the file using gpgsm.
Tried also to import privatekey.pem but got “no issuer…” which is normal for the private key…
Also if i use same keys private, public to encrypt/decrypt using OpenSSL (same x.509) everything works fine.
a precondition for CMS crypto operations is that
gpgsm --list-secret-keys
shows your private key, so please import it first (and the corresponding pubkey).
Note that you must configure the certificate chain properly for production usage,
see https://wiki.gnupg.org/X.509, otherwise use the option --disable-crl-checks.
Thank you very much Bernhard for your answer. I must say that this is what I also have understood, reading many similar articles, so I tried to:
gpgsm --import privatekey.pem
but what I get is an error importing due to “No issuer” for my private key.
And that’s ahat puzzles me, Shouldnt I be able for test/dev reasons be able to create a private, public key pair, self-sign the certificate and import it and use the public key for encryption and the private key for decryption? Why the private needs an issuer?!
good question, at least the root-CA would need to have a private key imported.
(But for most use cases of Gpg4win it is not relevant,at it is a rare case that you would want to run a root CA. If you would direct trust, you could more easily use OpenPGP instead of CMS.)
As there are many CMS related standards, I do not know them all by heart.
My idea would be: Maybe the standard demands an issuer for all certificates at least the certs I’ve seen always had one, even if it was the cert itself (root certificate).
The other idea is that it is a defect.
My suggestion: Try this with gpgsm for a modern GnuPG (2.1.21) on GNU/Linux and then ask on gnupg-users@ and next on gnupg-devel@.
I am trying to access my account to retrieve GRE scores but there I keep getting the no secret key message. I am using the gui version. Are there any tips?