Environment

  • OS is Artix Linux 6.0.11
  • GPG is 2.2.40
  • libcrypt is 1.10.2
  • keyserver is any (ubuntu, sks, mit, etc.)

Problem

I wanted to update my system via pacman -Syu and needed to import a key by Torsten Kessler, David Runge and others, whose keys "could not be looked up remotely".

OK, gpg --recv-keys it is then! But alas, woe is me as GPG just waits, and waits, and waits until it times out and says "server indicated a failure", here's the output:

    [user@localhost ~]$ dirmngr --daemon --debug-all --standard-resolver & gpg --debug-level 7 --keyserver hkp://keyserver.kjsl.com:80 --recv-keys ED587B6247A4152D
    [1] 20203
    gpg: enabled debug flags: packet filter cache memstat trust extprog
    dirmngr[20203]: reading options from '/home/user/.gnupg/dirmngr.conf'
    dirmngr[20203]: reading options from '[cmdline]'
    dirmngr[20203]: enabled debug flags: x509 crypto memory cache memstat hashing ipc dns network lookup extprog
    dirmngr[20203]: listening on socket '/run/user/1000/gnupg/S.dirmngr'
    DIRMNGR_INFO=/run/user/1000/gnupg/S.dirmngr:20206:1; export DIRMNGR_INFO;
    dirmngr[20206.0]: error loading certificate '/etc/ssl/certs/ca-certificates.crt': Certificate expired
    dirmngr[20206.0]: error loading certificate '/etc/ssl/certs/ca-certificates.crt': Certificate expired
    dirmngr[20206.0]: permanently loaded certificates: 141
    dirmngr[20206.0]:     runtime cached certificates: 0
    dirmngr[20206.0]:            trusted certificates: 141 (141,0,0,0)
    gpg: keyserver receive failed: Server indicated a failure
    gpg: keydb: handles=0 locks=0 parse=0 get=0
    gpg:        build=0 update=0 insert=0 delete=0
    gpg:        reset=0 found=0 not=0 cache=0 not=0
    gpg: kid_not_found_cache: count=0 peak=0 flushes=0
    gpg: sig_cache: total=0 cached=0 good=0 bad=0
    gpg: random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
                  outmix=0 getlvl1=0/0 getlvl2=0/0
    gpg: rndjent stat: collector=0x0000000000000000 calls=0 bytes=0
    gpg: secmem usage: 0/32768 bytes in 0 blocks
    dirmngr[20206.0]: socket file has been removed - shutting down
    dirmngr[20206.0]: dirmngr (GnuPG) 2.2.40 stopped

  • At first I thought that it was NetworkManager (it has done so before and is a general hindrance to me), so I uninstalled it - it wasn't the problem.

  • dhcpcd also wasn't the problem; /etc/resolv.conf looks like:

    # Generated by dhcpcd from eth0.dhcp
    nameserver 9.9.9.9
    nameserver 192.168.1.1
    # /etc/resolv.conf.tail can replace this line
    

    Note: /etc/resolv.conf.head contains nameserver 9.9.9.9

  • I can't ping the servers, though nslookup and web browser work just fine, so I'm at a loss.

  • It isn't a DNS thing, nslookup says so, ping doesn't work though.

Is there anything obvious for me to debug I've overlooked in my blind sighted folly?

Appendix I:
Manually importing ~3 keys from keyserver.ubuntu.com results in marginal/unknown trust and pacman considers the cached packages to be corrupt (I got tired of confirming the provider selection between galaxy & extra and ran with --noconfirm, deleting 600Mb of cached valid packages).
I am no closer to finding out why gpg can't connect to the server, I will try a proxy, though I doubt it will help.

  • Do any of the solutions suggested in https://unix.stackexchange.com/questions/399027/gpg-keyserver-receive-failed-server-indicated-a-failure seem helpful? You can always manually acquire the key (e.g. from here) and see if things work correctly after you've completed the upgrade process. – larsks May 10 '23 at 21:30
  • Unfortunately, I've already tried all that's suggested in the link to no avail. Manually importing the keys doesn't work either, root or user, pacman asks to import the keys anyway. pacman-key --add fails because 'no user id', though if the key does have a user id pacman works 'just fine'? – Dr. Coomer May 11 '23 at 10:16

1 Answer

Remember to keep your keyrings and mirrorlists up-to-date, and join your repo's mailing list for install-breaking changes like adding a repository and moving several packages there. Artix had (now quite some time ago) added the [universe] repo and moved several arch packages there, the most important one being the archlinux-keyring.

I had noticed that I only had the lib32 keyring installed, but never bothered to check why, blindly assuming that Artix had moved sufficiently far away from Arch that it could maintain its own versions of packages...

I've now enabled the [universe] repo, pacman -Syu'd and pacman-key {--init,--populate,--refresh-keys}'d, fixing my problems.
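
An added example, not part of the original answer and not Artix tooling: an offline check for the cause the answer arrived at, archlinux-keyring not installed because [universe] is not enabled. The function names and the sample pacman.conf are constructed for illustration; on a real system pass /etc/pacman.conf and a file holding the output of pacman -Qq.

```sh
#!/bin/sh
# Added example: offline check for the cause found in the answer above.
# Inputs are plain files, so it can be run against copies of the real ones.

# Print repo names from uncommented [section] headers, skipping [options].
enabled_repos() {
    sed -n -e '/^[[:space:]]*\[options]/d' \
           -e 's/^[[:space:]]*\[\([^]]*\)][[:space:]]*$/\1/p' "$1"
}

# $1 = pacman.conf, $2 = file holding `pacman -Qq` output (one package per line).
# Returns 0 = keyring installed, 1 = [universe] not enabled,
#         2 = [universe] enabled but keyring not installed.
keyring_diagnosis() {
    if grep -qx 'archlinux-keyring' "$2"; then
        echo "ok: archlinux-keyring is installed"; return 0
    fi
    if enabled_repos "$1" | grep -qx 'universe'; then
        echo "archlinux-keyring not installed, [universe] is enabled"; return 2
    fi
    echo "archlinux-keyring not installed, [universe] not enabled in $1"; return 1
}

# Constructed sample: [universe] is commented out and the keyring is absent.
sample_dir=$(mktemp -d)
cat > "$sample_dir/pacman.conf" <<'EOF'
[options]
Architecture = auto
[system]
Include = /etc/pacman.d/mirrorlist
[world]
Include = /etc/pacman.d/mirrorlist
[galaxy]
Include = /etc/pacman.d/mirrorlist
#[universe]
#Server = https://mirror.example.invalid/universe/$arch
EOF
printf '%s\n' pacman gnupg > "$sample_dir/pkgs.txt"

keyring_diagnosis "$sample_dir/pacman.conf" "$sample_dir/pkgs.txt" || true
```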