Most of the time, you will acquire new certificates by verifying signatures in emails, since certificates are embedded in the signatures made using them most of the time. However, if you need to send a mail to someone you have not yet had contact with, you need to fetch the certificate from an LDAP folder (although GpgSM can do this automatically), or from a file. You also need to import your own certificate after receiving the CA answer to your certification request.
To search for a certificate in an LDAP directory, select → and enter some text (e.g. the name of the person you want the certificate for) into the line edit of the Keyserver Certificate Lookup dialog, then click on the Search button. The results will be displayed in the key list below the search bar, where you can select certificates to look at them by clicking the button or download them with into the local keybox.
You can configure the list of LDAP servers to search in the Directory Services page of Kleopatra's configure dialog.
If you received the certificate as a file, try → (Ctrl+I) . GpgSM needs to understand the format of the certificate file; please refer to GpgSM's manual for a list of supported file formats.
If you did not create your
keypair with GpgSM, you also need to manually import the
public key (as well as the secret key) from the PKCS#12 file you got from
the CA. You can do this on the command line with
within Kleopatra with
just as you would to for “normal” certificates.