THE INFORMATION IN THIS ARTICLE APPLIES TO:
DISCUSSION
Version 8.0.x of EFT leverages GUID PGP keyring files which regenerated as you make changes to the keyring. This mean that you can no longer point to a single keyring reference as you could in previous versions.
- a. In version 8.0.x and above, You should now be able to see a PGP folder in your Server Configuration Settings folder. There will be one folder per site and within that folder you will various revisions of the private and public key rings.
- You will notice that there will be additional keys in the OpenPGP keyring. A key ring will display various version of the key for encryption/decryption, sign, etc.
- Before we take a closer look at the AWE script, let's make sure the logic of our AWE encryption rules is set correctly. In example below, we will use a folder monitor with a condition that triggers on files added to the folder where the extension does not match *.pgp.
- Once you have validated your event rule logic, we will move on launching our AWE script. Inside the AWE Task Builder, select Encrypt action from the Cryptography section. If one if already defined, double click on it.
- To configure the Encryption Action, as shown above, use these steps:
- Set Source as %FS_PATH% to enable EFT to pass the source location and filename from EFT.
- As part of your Destination, set %FS_FOLDER_NAME% —be sure to add a slash / if needed.
- Use %FS_BASE_FILE_NAME% to remove the original file extension.
- Add the PGP extension.
- To leverage your keyring dynamically, set Encryption Type to "OpenPGP Public Key."
- Select your preferred encryption algorithm.
- In this example, three different keys are selected to illustrate a scenario in which you can use multiple keys to encrypt files. Decryption will use only one private key that match any of the public keys used for encryption. Most use cases will only use a single key for encryption.
- In the section for Keyring Files, we will need to define a Public Key File. Using the Expression Builder option (%), we will use the %SERVER_PUBLIC_KEYRING_PATH% variable which is contained inside the EFT Variables under the Server Variables section.
- Now we will do the same for the Secret Keyring File but instead we will select %SERVER_PRIVATE_KEYRING_PATH%.
​
- Once all parameters are set, you are ready to test your rule.