diff --git a/g10/import.c b/g10/import.c
index 5e44942e7..987fef3cd 100644
--- a/g10/import.c
+++ b/g10/import.c
@@ -2136,6 +2136,7 @@ import_one_real (ctrl_t ctrl,
       list_keyblock_direct (ctrl, keyblock, from_sk, 0,
                             opt.fingerprint || opt.with_fingerprint, 1);
       es_fflush (es_stdout);
+      no_usable_encr_subkeys_warning (keyblock);
     }
 
   /* Write the keyblock to the output and do not actually import.  */
diff --git a/g10/keyedit.c b/g10/keyedit.c
index a91cc4447..4b767aed6 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -1501,6 +1501,7 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
           run_subkey_warnings = 0;
           if (!count_selected_keys (keyblock))
             subkey_expire_warning (keyblock);
+          no_usable_encr_subkeys_warning (keyblock);
         }
 
       if (delseckey_list_warn)
@@ -4258,6 +4259,40 @@ subkey_expire_warning (kbnode_t keyblock)
 }
 
 
+/* Print a warning if all encryption (sub|primary)keys are expired.
+ * The warning is not printed if there is no encryption
+ * (sub|primary)key at all.  This function is called after the expire
+ * data of the primary key has been changed.  */
+void
+no_usable_encr_subkeys_warning (kbnode_t keyblock)
+{
+  kbnode_t node;
+  PKT_public_key *pk;
+  int any_encr_key = 0;
+
+  for (node = keyblock; node; node = node->next)
+    {
+      if (node->pkt->pkttype == PKT_PUBLIC_KEY
+          || node->pkt->pkttype == PKT_PUBLIC_SUBKEY)
+        {
+          pk = node->pkt->pkt.public_key;
+          if ((pk->pubkey_usage & PUBKEY_USAGE_ENC))
+            {
+              any_encr_key = 1;
+              if (pk->flags.valid && !pk->has_expired && !pk->flags.revoked
+                  && !pk->flags.disabled)
+                {
+                  return; /* Key is usable for encryption  */
+                }
+            }
+        }
+    }
+
+  if (any_encr_key && !opt.quiet)
+    log_info (_("WARNING: No valid encryption subkey left over.\n"));
+}
+
+
 /*
  * Ask for a new user id, add the self-signature, and update the
  * keyblock.  If UIDSTRING is not NULL the user ID is generated
diff --git a/g10/keyedit.h b/g10/keyedit.h
index 3ed0d0fea..abf7314af 100644
--- a/g10/keyedit.h
+++ b/g10/keyedit.h
@@ -63,5 +63,6 @@ int keyedit_print_one_sig (ctrl_t ctrl, estream_t fp,
 			   kbnode_t node, int *inv_sigs, int *no_key,
 			   int *oth_err, int is_selfsig,
 			   int print_without_key, int extended);
+void no_usable_encr_subkeys_warning (kbnode_t keyblock);
 
 #endif	/* GNUPG_G10_KEYEDIT_H */