Next: Invoking GPG-AGENT [Contents][Index]
Unfortunately the installation guide has not been finished in time. Instead of delaying the release of GnuPG 2.0 even further, I decided to release without that guide. The chapter on gpg-agent and gpgsm do include brief information on how to set up the whole thing. Please watch the GnuPG website for updates of the documentation. In the meantime you may search the GnuPG mailing list archives or ask on the gnupg-users mailing list for advise on how to solve problems or how to get that whole thing up and running.
** Building the software
Building the software is described in the file INSTALL. Given that you are already reading this documentation we can only give some extra hints.
To comply with the rules on GNU systems you should have build time
configured gnupg
using:
./configure --sysconfdir=/etc --localstatedir=/var
This is to make sure that system wide configuration files are searched in the directory /etc and variable data below /var; the default would be to also install them below /usr/local where the binaries get installed. If you selected to use the --prefix=/ you obviously don’t need those option as they are the default then.
** Notes on setting a root CA key to trusted
X.509 is based on a hierarchical key infrastructure. At the root of the tree a trusted anchor (root certificate) is required. There are usually no other means of verifying whether this root certificate is trustworthy than looking it up in a list. GnuPG uses a file (trustlist.txt) to keep track of all root certificates it knows about. There are 3 ways to get certificates into this list:
gpgsm
ask you whether you want to insert a new root
certificate. This feature is enabled by default; you may disable it
using the option no-allow-mark-trusted into
gpg-agent.conf.
Next: Invoking GPG-AGENT [Contents][Index]