PGP encryption in Sterling File Gateway

Body

We already presented a scenario where a file is PGP-decrypted by Sterling File Gateway (SFG). For an introduction to PGP, its implementation in this scenario and additional configuration stuff please refer to the article: PGP decryption in Sterling File Gateway

Encryption scenario
A plain text file is put via FTP to the mailbox of the producer TP gwsProvider2. This file is encrypted via PGP and then put in the mailbox of the consumer TP gwsConsumer2. The encrypted file is then transferred via FTP to a destination directory.

The first three steps are the same as in the decryption scenario, please refer to the above article to get the details of these steps:

 

1) Create PGP Server Profile AFTPGPProfile and configure gpg

2) Configure PGPCmdlineService Command Line Adapter 2 service
3) Create the Community gwsCommunityA

 

4) Create producer trading partner gwsProvider2:
In SFG go to Participants > Partners and create partner gwsProvider2. During creation add gwsProvider1 to community gwsCommunityA.  Also configure gwsProvider2 as Producer of Data and accept the defaults in the PGP set-up dialog. After creation the gwsProvider2 has the following settings:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

5) Create consumer trading partner gwsConsumer2
In SFG go to Participants > Partners and create partner gwsConsumer2. During creation add gwsConsumer2 to community gwsCommunityA. gwsConsumer2 will be configured as a consumer of data and will listen for a connection to consume data. As protocol: “Listen for FTP Connections” will be selected. For the PGP settings of gwsConsumer2 we configure the following:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

The above key id is found in the output of the command:
$ gpg --list-keys
/home/siadmin/.gnupg/pubring.gpg
--------------------------------
pub   2048R/F045694C 2017-01-21
uid                  Joe User (gws10) <joe.user@example.net>
sub   2048R/BEB1234A 2017-01-21

In summary we have the following configuration for partner gwsConsumer2:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

6) Create a Routing Channel Template
In SFG go to Routes > Templates and click Templates. Create template gws_PGP_Encrypt. After you have created the template the configuration is as follows:

 

 

 

 

7) Create the Routing Channel

In SFG go to Routes > Channels and create a new channel.

Select Routing Channel Template: gws_PGP_Encrypt

Select Producer: gwsProvider2

Select Consumer: gwsConsumer2

 

 

 

 

 

 

 

 

 

 

 

 

8) Running the encryption scenario

We use a FileZilla Client to put a plain text file in mailbox gwsProvider2. For transferring the file to the mailbox gwsProvider2 the FTP server adapter in ISBI needs to be enabled. The FileZilla Client will connect to the port of the FTP server adapter. The plain text file needs then to be put to the mailbox gwsProvider2:

 

SFG encrypts the file using PGP and puts it in mailbox gwsConsumer2. The file then is transferred via the SI FTP client adapter to a FileZilla Server: