Searching and Importing Certificates

Most of the time, you will acquire new certificates by verifying signatures in emails, since certificates are embedded in the signatures made using them most of the time. However, if you need to send a mail to someone you have not yet had contact with, you need to fetch the certificate from an LDAP folder (although GpgSM can do this automatically), or from a file. You also need to import your own certificate after receiving the CA answer to your certification request.

To search for a certificate in an LDAP directory, select FileLookup Certificates on Server and enter some text (e.g. the name of the person you want the certificate for) into the line edit of the Keyserver Certificate Lookup dialog, then click on the Search button. The results will be displayed in the key list below the search bar, where you can select certificates to look at them by clicking the Details button or download them with Import into the local keybox.

You can configure the list of LDAP servers to search in the Directory Services page of Kleopatra's configure dialog.

If you received the certificate as a file, try FileImport Certificates... (Ctrl+I) . GpgSM needs to understand the format of the certificate file; please refer to GpgSM's manual for a list of supported file formats.

If you did not create your keypair with GpgSM, you also need to manually import the public key (as well as the secret key) from the PKCS#12 file you got from the CA. You can do this on the command line with kleopatra --import-certificate filename or from within Kleopatra with FileImport Certificates... (Ctrl+I) , just as you would to for normal certificates.