[Gpg4win-users-en] unknown keyword in gpgsm --gen-key --batch certificate

Werner Koch wk at gnupg.org
Mon Jan 6 23:27:37 CET 2014

On Fri,  3 Jan 2014 18:37, cristian.baboi at gmail.com said:

> Is it possible to create certificates (not requests) with gpgsm from gpg4win? 

Yes.  Except for CRL stuff all mechanisms to build your own CA software
are there.


  $ ~/b/gnupg-2.0/sm/gpgsm --version
  gpgsm (GnuPG) 2.0.23-beta13
  libgcrypt 1.5.3
  libksba 1.2.0-gitd5bf2a9

  $ ~/b/gnupg-2.0/sm/gpgsm --gen-key
  Please select what kind of key you want:
     (1) RSA
     (2) Existing key
     (3) Existing key from card
  Your selection? 1
  What keysize do you want? (2048) 
  Requested keysize is 2048 bits
  Possible actions for a RSA key:
     (1) sign, encrypt
     (2) sign
     (3) encrypt
  Your selection? 1
  Enter the X.509 subject name: CN=Certy Self
  Enter email addresses (end with an empty line):
  > certy at example.org
  Enter DNS names (optional; end with an empty line):
  Enter URIs (optional; end with an empty line):
  Parameters to be used for the certificate request:
      Key-Type: RSA
      Key-Length: 2048
      Key-Usage: sign, encrypt
      Name-DN: CN=Certy Self
      Name-Email: certy at example.org
  Really create request? (y/N) y
  Now creating certificate request.  This may take a while ...
  gpgsm: DBG: connection to agent established
  gpgsm: about to sign CSR for key: &B06ECC0A214585968676567BAA4CEBA5CAF34B11

2.0.22 should be identical.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gpg4win-users-en mailing list