Gpg: bad passphrase in apache error logs

I’m thinking that my gpg errors are all stemming from the fact that RT
is may be reading my configs wrong. I’m not 100% yet but that’s what
my first thought is after staring at this for 2 days now.

I’m getting this in my apache error logs…

[Mon Aug 25 20:50:28 2008] [info]:
<rt-3.8.0-19558-1219697428-138.46-3-0@> #46/454 - Scrip 3 On
Create Autoreply To Requestors (/usr/local/rt-3.8.0/bin/…/lib/RT/
[Mon Aug 25 20:50:29 2008] [warning]: gpg: WARNING: unsafe ownership
on homedir “/usr/local/rt-3.8.0/var/data/gpg” (/usr/local/rt-3.8.0/

[Mon Aug 25 20:50:29 2008] [error]: gpg: no default secret key: bad
gpg: [stdin]: sign+encrypt failed: bad passphrase (/usr/local/rt-3.8.0/
[Mon Aug 25 20:50:29 2008] [error]: BAD PASSPHRASE: Bad passphrase for (/usr/local/rt-3.8.0/bin/…/lib/RT/Interface/

[Mon Aug 25 20:50:29 2008] [info]:
<rt-3.8.0-19558-1219697428-827.46-4-0@> #46/454 - Scrip 4 On
Create Notify AdminCcs (/usr/local/rt-3.8.0/bin/…/lib/RT/Action/
[Mon Aug 25 20:50:29 2008] [info]:
<rt-3.8.0-19558-1219697428-827.46-4-0@> No recipients found.
Not sending. (/usr/local/rt-3.8.0/bin/…/lib/RT/Interface/
[Mon Aug 25 20:50:29 2008] [info]: Ticket 46 created in queue
’General’ by (/usr/local/rt-3.8.0/bin/…/lib/RT/

I have set the homedir to var/data/gpg and I have given that directory
775 permissions. It seems like it is creating the temp file that it
uses to store the key as I get errors if I put my permissions to
restrictive but when I set it to this it seems okay.

Here’s my latest RT_SiteConfig.PM

Set(%GnuPG, Enable=>1, OutgoingMessagesFormat=>RFC,
Set(%GnuPGOptions, ‘–homedir’=>‘var/data/gpg’, ‘–

The only other thing I can think of is that I’m creating the gpg key
wrong. What I’m doing is this.

As root, I run gpg --gen-key

For Name I put in 'helpdesk2’
For email I put in 'helpdesk2@(removed).com’
For comment I leave it blank.

Next I put in the passphrase, which at this point is overly simple to
make sure I’m not spelling things funky.

I add my users public key to the public key ring for that user and
then I grab the contents of the .gnupg directory and copy them over to

Hoping someone can throw me a bone here, I’m officially stuck.