I have files delivered to me that are encrypted using my personal public key. When I decrypt them using my private key, the file decrypts successfully but an error is displayed:
“Not enough information to check signature validity”
How can I go about fixing this? Is this an error during the encryption process?
Thank you very much for any input that you can offer.
sometimes you have to put stuff in the trusted area. I remember a pop up you had to answer once the first time and then it was taken care of, but that was on an older version. Not sure how it works now.
Thank you very much for your input. My private certificate shows on the “My Certificates” tab as well as the “Trusted Certificates” tab.
I think it has to do with the person doing the encryption. You have to accept that person (email address) as valid for using that public key. Once that is done it that person/key combo is good from then on.
Greg, thanks for your input. How does one accomplish this? Is there some “certify sender” option in Kleopatra that I’m overlooking?
Thank you very much.
Do you have the sender’s public key? You’ll need that to check their signature since it was made with their private key.
On how to certify a certificate with Kleopatra see:
Point “Authenticating an OpenPGP certificate”
The compendium speaks of “Authenticate Certificate” but in current Kleopatra it is called Certify Certificate (have to update this )
The sender used my public key. Using my private key I CAN decrypt the file and open it in excel. However, I get the aforementioned error.
One more note that may be helpful: we have a hundred clients who send files to us encrypted with our public key. We successfully decrypt all of their files successfully and without issue except for this one client.
To be clear: do any of your other clients sign their files and are you able to verify their signatures?
Encrypting and signing are two very different things. As far as I know, one cannot sign a file with someone else’s public key. Signatures can only be made with one’s own private key and must be verified with the corresponding public key.
I just ran a test and signed a file with a private test key and encrypted it with my own public key. I then deleted the test keys (public and private) and decrypted the file. I got the exact same error message you are getting. I would be willing to bet that if you contacted your client, got his/her public key and added it to your keyring, you would no longer get the error message. Instead, you would get a “good signature” message.
Great input! I’ll give this a try.
No problem. If you would, update us on how it went, Thanks!
I added the encryptor’s public key to Kleopatra and signed it with my personal certificate. After that the error is gone!
Excellent excellent excellent input from you guys.
Thank you very much!