Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Cannot import GPG key from Kleopatra into Thunderbird 102.3.1 on Fedora 36

  • 1 reply
  • 0 have this problem
  • 1 view
  • Last reply by Bean-Spoil

more options

Hey all -

I cannot import a GPG key that I exported from Kleopatra (version 3.1.22.220801) into Thunderbird 102.3.1 on Fedora 36. I don't know why, but... I deleted my GPG key from Thunderbird to import my new one that had an expiry date extended further into the future. I guess... I just... assumed... that Thunderbird could import a basic text file to get my public-private key pair imported, but...

Guys, I gotta admit, Enigmail was a far, FAR better user experience than this, and it's been this way for months. Basic stuff, like accurately showing MY OWN correctly-signed emails, to randomly deciding to start encrypting emails even though I have no keys other than my own imported into Thunderbird (and not anymore), to being unable to import a simple, basic, GPG key in text format.

C'mon.

Hey all - I cannot import a GPG key that I exported from Kleopatra (version 3.1.22.220801) into Thunderbird 102.3.1 on Fedora 36. I don't know why, but... I deleted my GPG key from Thunderbird to import my new one that had an expiry date extended further into the future. I guess... I just... assumed... that Thunderbird could import a basic text file to get my public-private key pair imported, but... Guys, I gotta admit, Enigmail was a far, FAR better user experience than this, and it's been this way for months. Basic stuff, like accurately showing MY OWN correctly-signed emails, to randomly deciding to start encrypting emails even though I have no keys other than my own imported into Thunderbird (and not anymore), to being unable to import a simple, basic, GPG key in text format. C'mon.

All Replies (1)

more options

Figured it out, not sure why Thunderbird didn't like it, but:

Run Kleopatra, changed the expiry date of ALL certificates in the chain:

  1. Double left-click the GPG key you wish to change the expiry date on, in Kleopatra's main certificates list.
  2. Left-click the "More Details..." button in the bottom left corner of the OpenPGP Certificate window.
  3. For each key listed in the "Subkeys Details" window, right-click "Change Expiry Date...", and determine at what point in the future you want the keys to expire (I wouldn't go past two years, you might want to regenerate your keys with more robust encryption algorithms or key sizes in the future)

Use the `gpg` command to export your public and secret keys:

  1. Run the command: `gpg --list-keys`
  2. Run the command: `gpg --list-secret-keys`
  3. Note the text following the term "uid" from the command outputs, you'll see something like this:

uid [ultimate] John Doe <jdoe@example.com>

  1. Run the command: `gpg --export -a "John Doe <jdoe@example.com>" > Documents/jdoe-pgp-public.asc`
  2. Run the command: `gpg --export-secret-key -a "John Doe <jdoe@example.com>" > Documents/jdoe-pgp-private.asc`
  3. Run the command: `cat Documents/jdoe-pgp-public.asc Documents/jdoe-pgp-private.asc > Documents/jdoe-pgp-public-private.asc`

Thunderbird will import that final certificate (the file "Documents/jdoe-pgp-public-private.asc") just fine.

This article is helpful: https://linuxhint.com/export-import-keys-with-gpg/