diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-18 21:21:03 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-18 21:21:03 +0000 |
commit | 3675f65888fde5fddde20ff811638a338bf08ca6 (patch) | |
tree | 065688bbb6355a8a4784ec9c8e112cec342eac5e /doc/dirmngr.texi | |
parent | Adding upstream version 2.2.40. (diff) | |
download | gnupg2-3675f65888fde5fddde20ff811638a338bf08ca6.tar.xz gnupg2-3675f65888fde5fddde20ff811638a338bf08ca6.zip |
Adding upstream version 2.2.43.upstream/2.2.43upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'doc/dirmngr.texi')
-rw-r--r-- | doc/dirmngr.texi | 28 |
1 files changed, 24 insertions, 4 deletions
diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi index d6ef375..f988fe2 100644 --- a/doc/dirmngr.texi +++ b/doc/dirmngr.texi @@ -168,6 +168,14 @@ Append all logging output to @var{file}. This is very helpful in seeing what the agent actually does. Use @file{socket://} to log to socket. +@item --compatibility-flags @var{flags} +@opindex compatibility-flags +Set compatibility flags to work around certain problems or to emulate +bugs. The @var{flags} are given as a comma separated list of flag +names and are OR-ed together. The special flag "none" clears the list +and allows to start over with an empty list. To get a list of +available flags the sole word "help" can be used. + @item --debug-level @var{level} @opindex debug-level Select the debug level for investigating problems. @var{level} may be a @@ -320,8 +328,8 @@ keyserver name, optional keyserver configuration options may be provided. These are the same as the @option{--keyserver-options} of @command{gpg}, but apply only to this particular keyserver. -Most keyservers synchronize with each other, so there is generally no -need to send keys to more than one server. Somes keyservers use round +Some keyservers synchronize with each other, so there is not always a +need to send keys to more than one server. Some keyservers use round robin DNS to give a different keyserver each time you use it. If exactly two keyservers are configured and only one is a Tor hidden @@ -330,7 +338,8 @@ whether Tor is locally running or not. The check for a running Tor is done for each new connection. If no keyserver is explicitly configured, dirmngr will use the -built-in default of @code{https://keyserver.ubuntu.com}. +built-in default of @code{https://keyserver.ubuntu.com}. To avoid the +use of a default keyserver the value @code{none} can be used. Windows users with a keyserver running on their Active Directory may use the short form @code{ldap:///} for @var{name} to access this directory. @@ -412,7 +421,9 @@ force the use of the default responder. @item --honor-http-proxy @opindex honor-http-proxy If the environment variable @env{http_proxy} has been set, use its -value to access HTTP servers. +value to access HTTP servers. If on Windows the option is used but +the environment variable is not set, the proxy settings are taken +from the system. @item --http-proxy [http://]@var{host}[:@var{port}] @opindex http-proxy @@ -586,6 +597,15 @@ won't be rejected due to an unknown critical extension. Use this option with care because extensions are usually flagged as critical for a reason. +@item --ignore-crl-extension @var{oid} +@opindex ignore-crl-extension +Add @var{oid} to the list of ignored CRL extensions. The @var{oid} is +expected to be in dotted decimal form. Critical flagged CRL +extensions matching one of the OIDs in the list are treated as if they +are actually handled and thus the certificate won't be rejected due to +an unknown critical extension. Use this option with care because +extensions are usually flagged as critical for a reason. + @item --ignore-cert @var{fpr}|@var{file} @opindex ignore-cert Entirely ignore certificates with the fingerprint @var{fpr}. As an |