have public key but no secret key unable to decrypt message

I have now spent days looking for an answer, hopefully someone one here will be able to help me. I created a key and thought nothing more of it. I then shared the public key with a marketplace i am looking to purchase a piece of art from as two step verification. when I try to log in I am given a PGP message to decrypt but I am unable to decrypt and read this message. I have tried every which way and it comes up everytime that no secret key is available of error 21 or clipboard contained no OpenPGP. I need to get round this as I have sent the monies to my account which i need to pay the vendor. Any help, please, i’d be so grateful.


I am not an expert, but perhaps I can lend some assistance.

Please perform the following steps:

1 Open Kleopatra
2 Select your certificate
3 Right mouse click on your certificate
4 Click certificate details
5 Select the tab “Technical Details”

Do you see two IDs? One will be your public key and the other will be your private key.

The purpose of this series of steps is to determine if your private key is properly set up. I am hoping that it is. If it isn’t, then we will need others to assist.

Thank you for help. Yes I believe I do have the two IDs, I have attached a screen shot.


Thank you for providing your screenshot.

In your original thread, you mentioned that you have been fighting with this issue for a few days? Yet, in the screenshot, I note that the IDs are valid from 2017-07-27 (today). I also note in the screenshot that in behind the screen with the Technical Details, there appears to be two certificates?

Did you create a new certificate today? Are you right mouse clicking on the correct certificate?

In my situation, I have only one certificate that shows on the prior screen. In other words, I can only select one certificate to right mouse click on. And, in the Technical Details tab, my Valid From date is from last year, when I set up my certificate.

If you go to the Overview Tab (as opposed to the Technical Details tab), do you see the Ownertrust level set as “ultimate”? Under certificate type, do you see “4,096-bit RSA (secret key available)”? For validity, do you see your “correct” start date. For example, mine is “from 2016-12-15 22:04 until forever”.

With this latest series of questions, I am trying to determine if a) you are using the correct certificate (looking at the dates), and b) the private key is installed and available (owner trust level, secret key available).

Sorry, I haven’t explained myself properly there. I started a few days ago, got myself in a mess and then started digging on the web. its obviously something im doing wrong because this is the 3rd time I’ve had this issue. What has thrown me is the key I am talking about was fine when it was created, hence why I used it.

I found a forum and followed the steps to create a new one (this was this morning) the same issue didn’t happened again.i then went to lunch, laptop had restarted and the issue has arisen. I then created a 2nd one which I have deleted the top one as it hadn’t been used but the second one is the public key that i provided this morning to the seller. I have again attached a screenshot.


I am not sure I completely follow your explanation. I am not sure if you need to decrypt a message to gain access to a forum. In that case, you need a specific certificate and private key to work.

Or, in general, you are finding that something is going wrong whenever you create a certificate and then restart your laptop.

Let’s assume that you are having difficulty with your certificate and laptop. I don’t know why that happens. You’ll need to correspond with someone else. But if I were faced with a similar situation, here’s what I would do:

  1. Create my new certificate
  2. Immediately export certificate and private key to a safe location.

When my computer had issues, I would import the necessary keys and continue on.

When I first began, I accidentally erased my certificate. Fortunately, I had backed up my certificate and private key. While I don’t recall my precise steps, I know that I imported whatever was necessary and am functioning properly again.

you’re absolutely right that my issue is I am tying to decrypt a message to log into the marketplace. however, I am unable to decrypt that message as kleopatra is saying i dont have a secret key.

Okay, but all your screenshots shown so far indicate that the certificate was created today and that you do have access to your secret or private key.

In other words, if you were to provide someone with your new public key today, and she responded immediately with an encrypted message, you should be able to decrypt. From your screenshots, it appears that you’ve got everything you need?

So I am guessing you have an older certificate somewhere, one that was created prior to today? You used that older certificate’s public key. And now you can’t decrypt a message that was based off of that older certificate. Do you have backups of your certificate and private key?

nope the public key i provided was created today. When i try to decrypt the message i get the error message saying: No signatures found.

That’s odd.

Out of curiosity, can you encrypt a file and then decrypt it? If yes, then I wonder if the other person correctly encrypted your message? You can also send your public key to someone else and ask him or her to send you an encrypted message. Can you decrypt his or her message? In essence, I am just trying to nail down where the problem lies.

From your screenshots, it seems like everything is there and it should work.

We are reaching the edge of my limited knowledge. You’ll likely need someone more versed in the software. But I hope we’ve defined your problem better.

its doing the same. when i go to decrypt it says no signatures found. I am so miffed, if i cannot access the marketplace thats nearly £1k lost. As i believe i am right in saying that bitcoin cannot be retrieved.

That is really interesting. To recap: from your screenshots, you have your private and public keys present. Everything appears good. Yet, when you encrypt and decrypt a file, you get a message about signatures. That seems very odd.

I hope someone else jumps in to assist. My fear is that you were missing a key. But from your screenshots, it appears that your keys are present.

If you haven’t already done so, please back up your public and private keys. If in the process of troubleshooting, you lose your certificate, you can reinstall.

I will be following this thread. Good luck!

your saying that the secret key is present but I cant see how it is. When i right click the option to export secret key is greyed out. surely that cant be right? I also found this strange. when I right click and go to user id and certificates it says user id not found when i click load certificates

Yeah, something is amiss somewhere. Earlier when you provided your screenshots, it appeared that everything is there and functioning. Yet, when you go to export, you have things that are grayed out, then something isn’t correct.

I am hoping it is a software or installation issue. You can see your two keys in your screenshot, so that gives me hope.

I am at the limits of my knowledge. So I hope someone else provides some guidance for you.

Hi, guys.

Yes, there’s definitely something missing, or at least wrong.
When you list your keys/certificates you should see a difference between only-public keys and those that have a secret key. Thos with dual keys should be bold. That way you know they are your keys.

Here’s a picture. Do note that I’m running latest beta of GPG4Win, 273. So the interface is somewhat different.

You can see that I have an old kim.nilsson key that I don’t have the secret key to, and therefore it is not bold.


Hi folks, Hi Roger,

sorry to read that you are having issues.
If they still persist until today, can you state the version of Gpg4win you are using?

Are you comfortable with using the cmd line in windows?
(This is sometimes easier to diagnose a problem.)
If yes, could you run the following commands:

gpg --list-secret-keys
gpg --list-keys

You can test crypt there as well:
echo Hello | gpg --encrypt --recipient Bernhard >x.gpg
gpg2 --decrypt x.gpg

Does it work?

Hi Bernhard,

I have run the cmd line and there is no secret key coming up, only public.


Hi Roger,

if the pubkey is listed, (with --list-keys) and the corresponding secret key is not (with --list-secret-keys) then this instance of GnuPG does not have the secret part properly imported.

In your first screenshot there is a file secring.gpg, please try to import it like

gpg -v --import secring.gpg

What happens?

Please: state the version of gpg4win you are and were using.
Is or was there any other version of GnuPG, PGP or Gpg4win installed?
If so: Which version and when?
How did you create the keypair in particular?

Best Regards,

My idea is that you have created the keypair with an elder version of GnuPG (e.g. 2.0.x)
that created secring.gpg, then somehow a new version is used without migration (which saves the secret keys in privat-keys-v1.d and does not find them in the old place, if it thinks the migration was already done.

I’m not sure this can happen. Maybe because you have two versions of GnuPG installed.

Another idea is that you’ve created an S/MIME keypair instead of an OpenPGP one.