Next: , Previous: , Up: Certificate Preparation  


2.3.3 Importing the Certificate into GPGSM

Once the CSR has been signed, you should end up with a certificate file floppy-head.crt, which you then have to import into GPGSM. It is also recommended that you import the root certificate of the CA first in the same fashion.

$ gpgsm --import floppy-head.crt
gpgsm: certificate imported

gpgsm: total number processed: 1
gpgsm:               imported: 1

gpgsm tells you that it has imported the certificate. It is now associated with the key you used when creating the request. To see the content of your certificate, you may now enter:

$ gpgsm -K Floppy
/home/foo/.gnupg/pubring.kbx
---------------------------
Serial number: 10
       Issuer: /CN=Snake Oil CA/OU=Certificate Authority/O=Snake Oil, Ltd/L=Snake Town/ST=Snake Desert/C=XY/EMail=ca@snakeoil.dom
      Subject: /CN=Floppy Head/OU=Webserver Team/O=Snake Oil, Ltd/ST=Snake Desert/C=XY
     validity: 2006-11-11 14:09:12 through 2007-11-11 14:09:12
     key type: 1024 bit RSA
  fingerprint: EC:93:A2:55:C6:58:7F:C9:9E:96:DB:12:6E:64:99:54:BB:E1:94:68

The option “-K” is used above because this will only list certificates for which a private key is available. To see more details, you may use “--dump-secret-keys” instead of “-K”.