THE INFORMATION IN THIS ARTICLE APPLIES TO:
- EFT Server version 6.2 and later
- EFT v4.x to v7.4.x stores advanced properties in the registry.
- EFT v8.x stores Advanced Properties in a JSON file.
- When you upgrade from EFT v7.4.x to EFT v8, the non-default settings that you have defined in the registry will be added to the Advanced Properties file during upgrade. (Default settings are part of the EFT configuration files.)
Please refer to the EFT help for a spreadsheet of advanced properties for your version of EFT.
SYMPTOM
OpenPGP fails if the file is not signed or if the signature fails. The EFT Server log notes the following error:
DEBUG Events.Server <> - EVENT_ACTION_PGP: Signature verification failed for file: <filename>
RESOLUTION
EFT Server will, by default, verify the signature during decryption and will error out if the signer's key is not found or if the signature fails. The signature requirement/checking can be disabled with the registry setting below.
64 bit:
HKLM\SOFTWARE\Wow6432Node\GlobalSCAPE Inc.\EFT Server 4.0\PGPVerifySignature
32 bit:
HKLM\SOFTWARE \GlobalSCAPE Inc.\EFT Server 4.0\PGPVerifySignature
DWORD value: 0 - no verification
1 or not set - do verification
If the signature check fails, it will be logged in the WEL (WARNING) and the EFT.log. For example:
EFT.log: 02-08-10 WARN Events.Server <> - EVENT_ACTION_PGP: Signature verification failed for file: D:\1.txt.pgp
Note:
- In 6.2.0, if the reg value doesn’t exist, then EFT Server will require & verify the signature during PGP decrypt
- In 6.2.1, if the reg value doesn’t exist, then EFT Server will *not* require the signature.