.Well-known/OpenGPGKey for WKD

Downloads the GPG public key based on the email address of the signer. The Web Key Service (WKS) searches the Web Key Directory (WKD) and downloads the public key to a .gpg file. The key allows you to verify the digital signature.

Requirements

None. The Code Signing Key Server does not require a separate installation. However, to sync public keys to the caller's machine, be sure to call POST API/GetGPGPublicKey from Key Server first.

cURL syntax

From a Bash command prompt, use a cURL command to confirm the signature based an email address.

Command:

curl -kL https://{domain}/.well-known/openpgpkey/{domain}/hu/{emailencoding}?L={email} >{filename}

Syntax:

{domain): The domain of the server that contains the WKS server.
{emailencoding}: Z-Base32 encoded email ID that identifies the hu parent folder. To get the value, use GpG.
{email::The email address from the GPG Environment Email Address. This person has the authority to digitally sign.
[filename]: (Optional) The public key file format: .gpg

Example: Download the public key via an email address

Request (cURL)

curl -kL https://mydomain.example/.well-known/openpgpkey/mydomain.example/hu/
rrkupfc3yqjagbgf6sfmdnuu14mt5zup?L=myemailaddress> publickey.gpg