10 Importing a public certificate

Contents

10 Importing a public certificate

The person you are corresponding with does not always have to send their public certificate when they send signed e-mails to you. You can simply store their public certificate in your certificate administrator - e.g. Kleopatra.

Storing a public certificate

Before you import a public certificate into Kleopatra, you must save it in a file. Depending on whether you received the certificate as an e-mailfile attachment or as a block of text contained in your e-mail, please proceed as follows:

• If the public certificate was included as an e-mail file attachment, save it on your hard drive - just as you would normally do.
• If the public certificate was mailed as a block of text that was included in the e-mail, you have to highlighte the entire certificate:

  In the case of (public) OpenPGP certificates, please highlight the area from

  ---BEGIN PGP PUBLIC KEY BLOCK---
  up to
  ---END PGP PUBLIC KEY BLOCK---

  just as we have seen in Section 8.1.

  Now use Copy & Paste to insert the highlighted section into a text editor and save the public certificate. For file endings, you should use .asc or .gpg for OpenPGP certificates and .pem oder .der for X.509 certificates.

Importing public certificates into Kleopatra

Whether you have saved the public certificate as an e-mail attachment or text block - in both cases, you will be importing it into your Kleopatra certificate administration. To do this, start Kleopatra if the program is not running already. In the menu, click on File -> Import certificate..., search for the public certificate you have just saved and import it. You will receive an information dialog showing the result of the import process:

It displays the imported public certificate in Kleopatra, in a separate tab Imported certificates with the title <Path to certification file>":

This tab is used for checking purposes, since a file can contain more than one certificate. You can close the tab using the Fenster -> Close tab command or via the "Close tab" button on the right side of the window).

Now change over to the tab "Other certificates". You should also be able to see the public certificate you have imported.

Now you have imported someone else's certificate - in this case Adele's public OpenPGP certificate - into your certificate administration. You can use this certificate at any time to send encrypted messages to the owner of the certificate, and to check his signatures.

As soon as you are exchanging encrypted e-mail more frequently and with a larger number of persons, you will likely want to search and import for certificates on globally available key servers. To see how this works, please see Chapter 16 .

Before continuing, an important question:

How do you know that the public OpenPGP certificate really came from Adele? It is possible to send e-mails under someone else's name - in this respect, merely having the sender's name does not mean anything.

So how can you ensure that a public certificate actually belongs to the sender?

This key question related to certificate inspections is explained in the next Chapter 11.

10 Importing a public certificate

Contents