I created a key pair using Kleopatra for a client. They are encrypting the files and sending them to me. When I get their files, encrypted with the public key, Kleopatra says the data was not encrypted for any secret key in my certificate list. However, that key is in my list. My provider is using Symantec to encrypt. Is there a compatibility issue between Kleopatra and Symantec?
Hello Joni,
I assume by “that key is in my list” you refer to the key Kleopatra tells you to be the only key the data was encrypted to.
This looks like the most common issue people have, which is the person encrypting the data forgot to add your public key (=certificate) as recipient. They only encrypted the data to themself. Otherwise, more keys would have been listed, to which the data was encrypted.
And I’m sure you have their public key aka certificate in your list, but not the secret key. Secret keys are listed in bold fond in Kleopatras certificate list, public keys in “normal” font.
The solution in this case is to tell the sender of the data to encrypt and send it to you again, this time taking care to add your certificate to the recipients.
Hi @Joni,
it is hard to say for sure if there is a compatibility issue with Symantec, because we do not have all the different versions and configurations of Broadcom’s product. However GnuPG fully implements the standard OpenPGPv4 (and others like CMS and LibrePGP) and thus there shouldn’t be a compatibility issue.
See Symantec Endpoint Encryption and PGP Encryption Solutions Comparison
interop with any other encryption solution that use the OpenPGP standard.
(they refer to the OpenPGPv4 standard there, as far as I can say).
My suggestion is to check the command line output to with --verbose
to see what key were really used.
Best Regards,
Bernhard
Thank you Bernhard. I’m new to the encrypt/decrypt. Our client has the requirement that all files be sent encrypted and requested we create the public/private keys so I’m just now learning all the ins and outs of this process.
I created the key pair via Kleopatra and sent them the public key. But --verbose responded that the decryption failed: no secret key. There were two key IDs listed and neither were the key IDs I see in Kleopatra.
I’ve asked them to please resend and ensure the file was encrypted using the key I sent. Maybe it is as simple as that? Let’s hope!
Thank you eebb.
I guess my question was not very clear. I am the one who created the key pair and did so via Kleoptara. The client requires files to be sent encrypted.
I have two keys listed in Kleopatra shows I have to keys in my certificate list. I sent them the public key from the second key in my list because that was the one I had added a recipient to the creation.
I have asked the client to please resend and offered to resend the public key if needed.