We are using a windows service to decrypt files provided by a partner. When the windows service detects a file to be decrypted, it creates a .bat file with the gpg command for decrypting the file. It then creates a new process instance, starts the process passing in the name of the .bat file. This has been working fine.
We need to move this service to a new server. It appears that this service is running normally on the new server except that the file is not decrypted. That is, nothing happens when the service starts the process to decrypt the file using the .bat file that was created. I don’t see anything in the event log to indicate what is happening.
I had someone copy the gpg command from the .bat file and paste it into a command prompt window on the new server and run it. The file was decrypted successfully. This seems to indicate that the gpg command in the .bat file is correct and the keys used for the decryption are valid on the new server.
GPG4Win v4 is installed on the new server. We are using GPG OpenPGP.
Would turning on logging help troubleshoot this? Would it capture activity from the windows service when it starts the process to decrypt the file via the .bat file?
If so, what should be turned on and is it global or does it need to be turned on specifically for the user the windows service runs as?
I did ask systems to turn on logging but I couldn’t find anything in the log files that were created around the time the service tried to decrypt the file.
The following log files were created when systems turned on logging:
"I did ask systems to turn on logging but I couldn’t find anything in the log files that were created around the time the service tried to decrypt the file.
The following log files were created when systems turned on logging:
gpg-agent.log
privkey.log
smime.log"
Honestly, I don’t know what these log-files contain but there is a way to create a log-file which should have the information you need.
When you open “Settings”->“Configure Kleopatra…” a window appears. There you select “GnuPG System” on the left and then in the tab “OpenPGP” there is the option “Set the debugging level to”. For the start I think the first level “Basic” is sufficient and it will be easier to find something because there will be created less entries. In the option below you can also select a file where the logging information is written to. This log-file contains information you also see if you start a gpg-command manually in the command line.
In addition: Is it possible for you to get the full output of the .bat file running? (This should included standard output and standard error output, the names of the log files do not indicate if this is in there somewhere.)