Next: , Up: Dirmngr Protocol   [Contents][Index]

3.6.1 Return the certificate(s) found

Lookup certificate. To allow multiple patterns (which are ORed) quoting is required: Spaces are to be translated into "+" or into "%20"; obviously this requires that the usual escape quoting rules are applied. The server responds with:

  S: D <DER encoded certificate>
  S: END
  S: D <second DER encoded certificate>
  S: END
  S: OK

In this example 2 certificates are returned. The server may return any number of certificates; OK will also be returned when no certificates were found. The dirmngr might return a status line


To indicate that the output was truncated to N items due to a limitation of the server or by an arbitrary set limit.

The option --url may be used if instead of a search pattern a complete URL to the certificate is known:

  C: LOOKUP --url CN%3DWerner%20Koch,o%3DIntevation%20GmbH,c%3DDE?userCertificate

If the option --cache-only is given, no external lookup is done so that only certificates from the cache are returned.

With the option --single, the first and only the first match will be returned. Unless option --cache-only is also used, no local lookup will be done in this case.