1 # dirmngr-conf.skel - Skeleton to create dirmngr.conf.
2 # (Note that the first three lines are not copied.)
4 # dirmngr.conf - Options for Dirmngr
5 # Written in 2015 by The GnuPG Project <https://gnupg.org>
7 # To the extent possible under law, the authors have dedicated all
8 # copyright and related and neighboring rights to this file to the
9 # public domain worldwide. This file is distributed without any
10 # warranty. You should have received a copy of the CC0 Public Domain
11 # Dedication along with this file. If not, see
12 # <http://creativecommons.org/publicdomain/zero/1.0/>.
15 # Unless you specify which option file to use (with the command line
16 # option "--options filename"), the file ~/.gnupg/dirmngr.conf is used
17 # by dirmngr. The file can contain any long options which are valid
18 # for Dirmngr. If the first non white space character of a line is a
19 # '#', the line is ignored. Empty lines are also ignored. See the
20 # dirmngr man page or the manual for a list of options.
25 # GPG can send and receive keys to and from a keyserver. These
26 # servers can be HKP, Email, or LDAP (if GnuPG is built with LDAP
29 # Example HKP keyservers:
30 # hkp://keys.gnupg.net
32 # Example HKPS keyservers (see --hkp-cacert below):
33 # hkps://hkps.pool.sks-keyservers.net
35 # Example LDAP keyservers:
36 # ldap://pgp.surfnet.nl:11370
38 # Regular URL syntax applies, and you can set an alternate port
39 # through the usual method:
40 # hkp://keyserver.example.net:22742
42 # Most users just set the name and type of their preferred keyserver.
43 # Note that most servers (with the notable exception of
44 # ldap://keyserver.pgp.com) synchronize changes with each other. Note
45 # also that a single server name may actually point to multiple
46 # servers via DNS round-robin. hkp://keys.gnupg.net is an example of
47 # such a "server", which spreads the load over a number of physical
50 keyserver hkp://keys.gnupg.net
52 # --hkp-cacert FILENAME
54 # For the "hkps" scheme (keyserver access over TLS), Dirmngr needs to
55 # know the root certificates for verification of the TLS certificates
56 # used for the connection. Enter the full name of a file with the
57 # root certificates here. If that file is in PEM format a ".pem"
58 # suffix is expected. This option may be given multiple times to add
59 # more root certificates. Tilde expansion is supported.
61 #hkp-cacert /path/to/CA/sks-keyservers.netCA.pem