How to extend subkey expiration (kleopatra cannot do this)

Kleopatra can easily extend expiration dates of main keys, but (AFAIK) it cannot extend expiration of subkeys. This means now I cannot encrypt anymore since my subkey expired.

Is there any other way to extend the expiration of the subkey? On windows please, I do not have linux…

Any help is greatly appreciated

Ignore above request please, found a way to do it via windows powershell and gnuPG gpg commands. Thank you.

So by changing (extending) the expiration date of the main keys, it doesn’t reset those subkeys to that same new date??

Shouldn’t they be “linked”?

No, when you have subkeys for separate functions you can have separate expiration for all of them. Especially common to have a shorter expiration for certain subkeys than others.

Interesting… I always had thought they were intertwined so never considered they would have nor have a need for separate expiration dates. I assumed that when I extended the expiration dates for the main keys, the sub-keys created at the same time would also be updated.

With that being said, shouldn’t the key manager program (Kleopatra in this case) deal with those separate expiration dates?

I think that Kleopatra needs to handle this better. Especially now ~two years after we added a default expiration date.

We get the request more frequently. We have it in our tracker: https://dev.gnupg.org/T4717

I hope to get this done for the next version. At least something like a right click on the subkey in the kleopatra details that offers to change the expiry. But it’s not so easy to implement as we need to extend the API Kleopatra uses. Because it’s complicated for Kleopatra to talk with GnuPG’s --edit-key.

That would be nice especially if these subkeys are handled as separate entities.

It looks like it is possible to do in Enigmail