Setting OpenPGP Security for the Site

This procedure describes setting OpenPGP security for the Site. For details of OpenPGP, refer to The OpenPGP Module.

To set OpenPGP security

  1. In the administration interface, connect to EFT and click the Server tab.

  2. On the Server tab, click the Site you want to configure.

  3. In the right pane, click the Security tab.

  4. In the Data Security area, next to OpenPGP security, click Configure. The OpenPGP Security dialog box appears.

    v8.0.5.7 and earlier:

    5. v8.0.5.8 and later:

  5. If an OpenPGP key pair is defined on EFT, click the Default Site key pair drop-down menu and click the key. Otherwise, click Create and follow the instructions in Creating Key Pairs for OpenPGP or click Manage and following the instructions in Importing and Exporting Key Pairs for OpenPGP.

  6. In the Private key passphrase box, provide the passphrase for the selected key. Select the Hide typing check box if you do not want the passphrase to be viewable.

  7. Select the Enable debug logging check box if you want to log errors, and then click the drop-down menu to specify the level of logging: 0 (minimum logging), 1, or 2.

    • If you select the Enable debug logging check box, you can select the Enable dynamic log file name to add the date to the file name.

  8. In the Log file path box, specify where to save the log file.

  9. Under PGP Key Expiration Notification:

    1. Specify whether to send an email upon expiration. EFT does a daily check at midnight.
    2. Specify a file to use for the email. Click Template to open the EFT Server\ProgramData\ folder to edit the files, if needed.

      • PGPKeyExpirationWarning.txt: "Notice: The pgp key associated with key name/id: %pgp_id% is set to expire %d% day(s) from now on %pgp_expiration_date%. Please update your key as an expired key may impact encrypt/decrypt operations with this vendor."

      • PGPKeyExpirationError.txt "Notice: The pgp key associated with key name/id: %pgp_id% expired on %pgp_expiration_date%, which may impact encrypt/decrypt operations with this vendor."

    3. Specify how many days prior to expiration to send the email. Sent daily when nearing expiration. Acceptable values are 1 -90 days; 30 days is the default.
    4. (Optional) Specify who is to receive the email. You can list multiple recipients separated by a semicolon or a comma.

      5. The EFT log and Windows Event Viewer are updated with the same content as the template, even if email notification is disabled.

  10. Click OK to save the changes.

  11. Click Apply to save the changes on EFT.

Related Topics