I'm using EnigMail together with gnupg 2 on Mac OS X.
Homebrew updated gnupg to 2.1 but I've changed it back to 2.0. Now I'm getting the error message "Alle Verschlüsselungs-Unterschlüssel des Schlüssels Olaf Foellinger olaf.foellinger@gmail.com (Schlüssel-ID 0x69ECC4CD94D36D46) sind abgelaufen."
What can I do to fix the problem? Signing messages do work.
Best regards Olaf
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I looked at your key. You created a new subkey on 13. March 2017, which was most likely while you were using GnuPG 2.1.
The problem is that GnuPG 2.1 stores the keys differently than GnuPG 2.0, therefore GnuPG 2.0 does not have your new subkey. But downgrading from GnuPG 2.1 to 2.0 is not foreseen directly.
The only thing you can do is to export your private key using GnuPG 2.1, and then re-import the private key in 2.0. But unless you have good reasons for going back to 2.0 I'd recommend you go back to 2.1.
If you don't want to re-install GnuPG 2.1 using homebrew, you can instead install GpgOSX, export the keys and then delete it again.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
The problem for me is that enigmail doesn't support version 2.1. I've deleted all new subkeys and created a new one but Enigmail still claims the error Alle Verschlüsselungs-Unterschlüssel des Schlüssels Olaf Foellinger olaf.foellinger@gmail.com (Schlüssel-ID 0x69ECC4CD94D36D46) sind abgelaufen.. I'll reboot.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
$ gpg2 --version
gpg (GnuPG)2.0.30
libgcrypt 1.7.6
Copyright (C)2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: ~/.gnupg
Supported algorithms:
Pubkey: RSA, RSA, RSA, ELG, DSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
$ gpg2 --list-key 0x69ECC4CD94D36D46
pub 2048R/94D36D46 2004-11-15
uid [ultimate] Olaf Foellinger <olaf.foellinger@gmail.com>
uid [ultimate] Olaf Foellinger <olaf@foellinger.de>
uid [ultimate] Olaf Foellinger <olaf.foellinger@sesa.net>
uid [ultimate] Olaf Foellinger <olaf.foellinger@sesa.de>
uid [ultimate] Olaf Foellinger <ergo@merlin.in-berlin.de>
uid [ultimate] Olaf F\xf6\x6clinger, Dr. </o=SESA Software und Systeme AG/ou=First Administrative Group/cn=Recipients/cn=of>
sub 4096g/73EBFD12 2017-04-18 [expires: 2021-04-17]
pub 2048R/94D36D46 2004-11-15
uid [ultimate] Olaf Foellinger <olaf.foellinger@gmail.com>
uid [ultimate] Olaf Foellinger <olaf@foellinger.de>
uid [ultimate] Olaf Foellinger <olaf.foellinger@sesa.de>
uid [ultimate] Olaf Foellinger <ergo@merlin.in-berlin.de>
uid [ultimate] Olaf Foellinger <olaf.foellinger@sesa.net>
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi,
I'm using EnigMail together with gnupg 2 on Mac OS X.
Homebrew updated gnupg to 2.1 but I've changed it back to 2.0. Now I'm getting the error message "Alle Verschlüsselungs-Unterschlüssel des Schlüssels Olaf Foellinger olaf.foellinger@gmail.com (Schlüssel-ID 0x69ECC4CD94D36D46) sind abgelaufen."
What can I do to fix the problem? Signing messages do work.
Best regards Olaf
Did you create the latest encryption subkey with 2.1? If yes, has this subkey been backported to the 2.0 storage format?
I think not but how can I check? As said before, signing works.
Are there any background processes that are supposed to work?
I looked at your key. You created a new subkey on 13. March 2017, which was most likely while you were using GnuPG 2.1.
The problem is that GnuPG 2.1 stores the keys differently than GnuPG 2.0, therefore GnuPG 2.0 does not have your new subkey. But downgrading from GnuPG 2.1 to 2.0 is not foreseen directly.
The only thing you can do is to export your private key using GnuPG 2.1, and then re-import the private key in 2.0. But unless you have good reasons for going back to 2.0 I'd recommend you go back to 2.1.
If you don't want to re-install GnuPG 2.1 using homebrew, you can instead install GpgOSX, export the keys and then delete it again.
The problem for me is that enigmail doesn't support version 2.1. I've deleted all new subkeys and created a new one but Enigmail still claims the error Alle Verschlüsselungs-Unterschlüssel des Schlüssels Olaf Foellinger olaf.foellinger@gmail.com (Schlüssel-ID 0x69ECC4CD94D36D46) sind abgelaufen.. I'll reboot.
Reboot didn't help. :(
This is not true, at the very least not in this generality.
Please show what gpg says: