Certificates Menu
Prev
Next

Certificates Menu

Certificates->Validate (Shift+F5)

Validates selected (or all) keys.

This is similar to View->Redisplay (F5), but performs a validation of the (selected) keys. Validation here means that all relevant CRLs are fetched, and the certificate chain is checked for correctness. As a result, invalid or expired keys will be marked according to your color and font preferences set in the Appearance page of Kleopatra's configure dialog.

Warning

You can only rely on information from validated keys, and, since any of them may be revoked at any time, even validation is only ever a snapshot of the current state of the local keyring. This is why the backend normally performs such checks whenever the keys are used (for example, for signing, signature verification, encryption or decryption).

Certificates->Refresh CRLs

Fetches the current CRLs for all selected keys, even though they would normally not be fetched when using the key.

This function only has an effect on certificates which define a CRL distribution point. Depending on the backend used, certificates configured to perform checks using OCSP will not be updated.

You may use this for example, if you have sideband knowledge that a key has been revoked, and you want the backend to reflect this now instead of relying on this to automatically happen at the next scheduled CRL update.

Warning

Excessive use of this function might put a high load on your provider's or company's network, since CRLs of large organizations can be surprisingly big (several megabytes are not uncommon).

Use this function scarcely.

Certificates->Delete (Delete)

Deletes selected certificate(s) from the local keyring.

Use this function to remove unused keys from your local keybox. However, since certificates are typically attached to signed emails, verifying an email might result in the key just removed to pop back into the local keybox. So it is probably best to avoid using this function as much as possible. When you are lost, use the search bar or the View->Hierarchical Key List function to regain control over the lot of certificates.

Certificates->Download

Downloads the selected certificate(s) from the LDAP to the local keybox.

Prev
Next
Home


Would you like to comment or contribute an update to this page?
Send feedback to the TDE Development Team