Video Screencast Help

PGP Verified Directory

Created: 13 Sep 2011 | 2 comments


We currently use a PGP server to process our emails, this all works fine for a user that is added by an administrator into external users.  When a user is added via the Verified Directory and an email is sent out PGP desktop gives an error stating that it cannot find a key.  Could this be down to PGP not looking in the verified directory for these keys?  When looking on the PGP Universal Server GUI I can see the users and keys in there.

Can anyone shed any light on this?


Comments 2 CommentsJump to latest comment

jjpenney's picture

Do you have version 3.x? If so, can you check the rule that these messages are hitting (most likely to be either the 'Always Encrypt Sensitive Messages' rule or the 'Send Message' rule), and take a look at the 'Actions' section. I'd imagine that you have the 'require verified key' option enabled. You should disable this to allow encryption to the VKD users.

I believe this is actually fixed in 3.2.0, so you should consider upgrading.

bnilsson's picture

Acctually, the rule that encrypts in all cases, is the last in the final chain (Outbound: Server Only in this case as the chain, and Send Message as the rule). What you could do is to simply change that rule first of. Or add a own before it. But yes, the default rule chain setup has been "broken" since the 3.x releases, and partially fixed in 3.2, but not to (my) satisfaction.

The rule "Always Encrypt Sensitive Messages" should not hit in this case, since the sensitivity is not set per se (this is usually only something done within a MUA.

A simple and good troubleshooting tip is to add logging to each chain, to see how far you go.