A Key is Partially Published and Cannot be Found or Deleted on the PGP Global Directory

Article:TECH200966  |  Created: 2012-12-18  |  Updated: 2012-12-19  |  Article URL http://www.symantec.com/docs/TECH200966
Article Type
Technical Solution


Issue



Sometimes a key that was uploaded and published on the PGP Global Directory cannot be found over the LDAP or HTTP protocols.

A key might be published i.e. only via LDAP or only via HTTP on one server but not on the other one.

The key cannot be deleted and a new key cannot be uploaded.

 


Cause



The issue might be caused by clustering issues on the PGP Global Directory.
You can verify if the key is found on the single cluster nodes keyserver1.pgp.com and keyserver2.pgp.com.

 

Use for example PGP Desktop GUI or "ldapsearch" commandline to verify if the key is available via LDAP on any of the servers.

# ldapsearch -x -H "ldap://keyserver1.pgp.com:389" -b 'o=PGP keys' -s subtree "(pgpUserID=*name@domain.tld*)"

# ldapsearch -x -H "ldap://keyserver2.pgp.com:389" -b 'o=PGP keys' -s subtree "(pgpUserID=*name@domain.tld*)"

 

Use for example a browser or "wget" to verify if the key is available via HTTP on any of the servers.

# wget http://keyserver1.pgp.com/vkd/DownloadKey.event?keyid=0x1234567890ABCDEF

# wget http://keyserver2.pgp.com/vkd/DownloadKey.event?keyid=0x1234567890ABCDEF


Solution



Please contact PGP Technical Support to have the affected key removed from the PGP Global Directory.  After the key is deleted, the key can be re-uploaded to the PGP Global Directory.

 




Article URL http://www.symantec.com/docs/TECH200966


Terms of use for this information are found in Legal Notices