fetch things over hkps and on every check

author: mh <mh@immerda.ch> 2015-10-16 15:38:20 +0200
committer: mh <mh@immerda.ch> 2015-10-16 15:40:17 +0200
commit: 3a39c6e693a835d98ed382bdc3ce72eac31ea664 (patch)
tree: 2e58265610ba9319f7ab3a93567ed5717ee97141 /files/plugins/check_gpg
parent: 9a02e527e1803093e25166cdbac753253909065f (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/files/plugins/check_gpg b/files/plugins/check_gpg
index bf4b930..efc17e3 100644
--- a/files/plugins/check_gpg
+++ b/files/plugins/check_gpg
@@ -84,7 +84,7 @@ key="$1"
 
 # GPG is too stupid to error out when asked to refresh a key that's not in the
 # local keyring so we need to perform another call to verify this first.
-output=$( { gpg $homedir --list-key "$key" >/dev/null && gpg $homedir --refresh "$key" >/dev/null; } 2>&1 )
+output=$( { gpg $homedir --list-key "$key" >/dev/null && gpg $homedir --refresh --keyserver hkps://hkps.pool.sks-keyservers.net --keyserver-options ca-cert-file=$homedir/sks-keyservers.netCA.pem "$key" >/dev/null; } 2>&1 )
 if [ $? -ne 0 ]; then
     echo "UNKNOWN: $output"
     exit 3
author	mh <mh@immerda.ch>	2015-10-16 15:38:20 +0200
committer	mh <mh@immerda.ch>	2015-10-16 15:40:17 +0200
commit	3a39c6e693a835d98ed382bdc3ce72eac31ea664 (patch)
tree	2e58265610ba9319f7ab3a93567ed5717ee97141 /files/plugins/check_gpg
parent	9a02e527e1803093e25166cdbac753253909065f (diff)