Configuring GnuPG to Use Utimaco HSM

1. Run the following command to automatically create directory structure for gnupg

# gpg --list-keys

Listing gpg keys

2. Copy the sample file from resource/gnupg-pkcs11-scd-0.10.0/gnupg-pkcs11-scd/gnupg-pkcs11-scd.conf.example to ~/.gnupg/gnupg-pkcs11-scd.conf

# cp gnupg-pkcs11-scd-0.10.0/gnupg-pkcs11-scd/gnupg-pkcs11-scd.conf.example /root/.gnupg/gnupg-pkcs11-scd.conf

3. Open the file /root/.gnupg/gnupg-pkcs11-scd.conf and make the following changes

pin-cache 0 

providers p1 

provider-p1-library /opt/utimaco/lib/libcs_pkcs11_R3.so

4. Create a file /root/.gnupg/gpg-agent.conf and add the following content in it

scdaemon-program /usr/local/bin/gnupg-pkcs11-scd 

pinentry-program /usr/local/bin/pinentry