Generate a PGP Key Pair Fill out the form to generate a PGP key pair using only local/client-side code ( kbpgp OpenPGP javascript ). None of your form. Generate Key. The top half of the screen allows us to generate (a private/public key pair) and export the Public key our customer will use to encrypt data before sending it to us. Generate Key creates a new key. We offer two key options. The DSA option creates a 512 bit key. The RSA option creates a 2048 bit key.
Symptom
What is PGP and how does it work in SuccessFactors?
Customer wants to encrypt their Data
Customer requests public key
Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.
Environment
Resolution
What is PGP?
PGP is a key based encryption/authentication process. It allows users to publicly share keys that are used to sign and/or encrypt messages and data. At SuccessFactors, we only use the encryption function.
How does PGP work?
A user or his company needs to install PGP software. They can also use the compatible GPG (Open Source) software. After the install, the user can create their own keys and install keys provided by business partners. Every key comes in two parts. The Public key that can be shared with partners or even posted publicly somewhere for anyone to access. The Private key that should be kept secure on the system where it was created.
The two keys are used for two different purposes.
The Public key is used to Encrypt data you are sending.
The Private key is used to Decrypt data you receive.
So any of your business partners can use your Public key to encrypt data they send you. They can safely send the file over a public network. Only you are able to decrypt it.
Working with PGP Keys at SuccessFactors
SuccessFactors has included the Managing PGP Keys screen in Provisioning. This screen has two sections that relate to the two keys discussed earlier.
Generate Key
The top half of the screen allows us to generate (a private/public key pair) and export the Public key our customer will use to encrypt data before sending it to us.
Generate Key creates a new key. We offer two key options. The DSA option creates a 512 bit key. The RSA option creates a 2048 bit key;
Choose the RSA key when creating a new one. The smaller DSA key only exists for backwards compatibility. The few customers who require DSA will actually ask for it;
Do not generate a new key if one is already listed in the Generated Key Section;
The Generated Key area list the key type, key fingerprint and creation date. The last two items can be used to validate that our customer has installed our key properly;
Use Remove Key with caution. There is normally never any reason to do this. Once the key is removed, there is no way to recover it. Any customer data encrypted with it won’t be able to be decrypted;
Export Key button creates a Public key file you can save and send to the customer. This can be sent in plain email;
The Export Key button does not create a key that we can import into another instance;
NOTE: After a key has been generated, we can only export the public key from Provisioning however Support has no access to the Private Key or the Passphrase. This is to safeguard your data. As a result this screen is NOT suitable for generating keys to use with LMS;
To generate a Private / Public Key pair for LMS, it can be done manually by the customer or via a paid engagement (Professional services or customer consultant)
Import Key
Cisco crypto key generate rsa. Oct 02, 2015 SSH Config and crypto key generate RSA command. Use this command to generate RSA key pairs for your Cisco device (such as a router). Keys are generated in pairs–one public RSA key and one private RSA key. If your router already has RSA keys when you issue this command, you will be warned and prompted to replace the existing keys with new keys.
The bottom half allows us to import Public Keys sent by our customers. We will use these to encrypt data we send to them. Note: Multiple keys can be installed here. They will ALL be used to encrypt data we send. However ANY ONE of them can be used to decrypt the data.
Browse on your PC for the Public key file the customer sent you;
Select Import Key to install it in provisioning;
The key will appear in the list. We can share the UserName, Creation Date and Fingerprint info with a customer questioning if we have the correct key installed;
As noted earlier, it’s OK to install multiple keys here;
There is no way to export these keys. We can install customer provided keys in multiple instances only if we still have their original key file;
It’s OK to remove unused keys. Please be sure they are truly not needed. There is no way to recover them. To remove, select the checkbox and hit Remove Key;
We no longer provide or install the old SF PGP key. While it’s still in use for many of our existing customers there is never a reason to use it for a new one;
For LMS, this is where the public key generated will be imported so that the BizX scheduled jobs encrypt the file with the right key (LMS connector will then decrypt the file using the private key setup on LMS). For more information on LMS encryption setup please check the references section of this KBA.
How to request a key or to import a key on SuccessFactors?
Please engage your Implementation Partner or Customer Support under the component LOD-SF-PLT. To request the generation, please inform:
The Company ID of the instance;
The type of the key (DSA/RSA).
To request the import of the key, please inform:
The Company ID of the instance;
Attach the key file in the ticket.
See Also
2361997 - How to use PGP encryption in LMS connectors
PGP Encryption/Decryption modules used in SAP Netweaver PI based Standard and Partner Adapters
Summary
The following sections briefly describe the steps to create PGP key pairs using open source tool gpg4win and converting them in to ASCII Armored format.
Author(s):
Sivasubramaniam Arunachalam
Generate Pgp Key Pair Error Gatehub Sign In
Company: SAP Labs Created on: 11-Jan-2012 Author(s) Bio Sivasubramaniam Arunachalam is a senior developer at SAP Labs (Technology Innovation Platform). He is currently occupied with PI 7.31 development/maintenace activities. Since Sivasubramaniam joined SAP Labs in July 2010, he has developed new features in several adapters/areas including File, JDBC, IDoc, SOAP/XI, HTTP, JPR, B2B(RNIF 1.1/2.0, CIDX & PIDX) Adapters, XML Validation and Mapping Runtime. Currently, he is the component responsible for File, JDBC, B2B Adapters and XML Validation and takes care of all new development, enhancement and maintenance activities.
Table of Contents
Tools Required
Install Gpg4win from http://www.gpg4win.org/download.html
It will automatically update it's path to the system PATH(Environment variable)
Generating Key Pairs
Open the console the issue the following command to initiate the generation of public/private key pairs
It will create both keys with the name like secring.gpg (Private Key) and pubring.gpg (Public Key)
Select RSA(5) as a key type
Choose the default key size (2048) by just pressing enter without any input.
Choose the default key validity (key does not expire) by just pressing enter without any input
During confirmation prompt, press 'y'
Provide the Real User Name and E-Mail Address for the key to be issued with optional Comment
Press 'O' for 'Okay'
Provide and confirm the passpharse for private key
Acutal keys will be updated after providing random system gestures
Verify the details of the generated Private Key
Generate Pgp Key Pair Error Gatehub Login
Verify the details of the generated Public Key
Verify the key location
Generate ASCII Armored Keys from GPG Keys
Use the following command to generate ASCII Armored Public Key
Use the following command to generate ASCII Armored Private Key
Generate Pgp Key Pair Error Gatehub Download
Verify the generated ASCII Armored keys
Generate Pgp Key Pair Error Gatehub Code
To generate the another key pair (for PGP Receiver), move the present keys to different location and follow the same steps from the beginning. These key pairs can be used for both Encryption and Signing.