cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP CPI : Does CPI support PGP secring to have multiple private keys ?

Go to solution
amit777
Participant

on ‎12-23-2021 1:57 PM

0 Kudos

Hi All,

I have gone through multiple blogs and can see how people have demonstrated use of Kleopatra to show how we can club multiple public keys into a single pubring file and upload in CPI security materials.

Can we achieve the same for private keys ? Can we create a secring with multiple secret keys ?

Because I have tried adding in Kleopatra multiple private keys but then the app disables options to 'Backup secret keys', still if I try to export is using export option in header then CPI does not accept that file saying : Deploy artifact failed with error: The provided keyring cannot be deployed. The keyring content is either empty or has an invalid format.

Please let me know if you know multiple private keys are supported.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Sriprasadsbhat
Active Contributor
‎12-23-2021 2:04 PM
0 Kudos

Hello Dilip,

Below should help you to achieve the same.

https://blogs.sap.com/2020/08/27/multiple-pgp-secrets-in-sap-cloud-integration/

Regards,

Sriprasad Shivaram Bhat

Show replies
Show replies
amit777
Participant
‎12-23-2021 2:14 PM
0 Kudos

Thanks Sriprasad,

But the blog specifies a condition that the keys should be armored .

A secret key is armored if there is the header “—–BEGIN PGP PRIVATE KEY BLOCK—–” and the footer “—–BEGIN PGP PRIVATE KEY BLOCK——“.

But when I create keys using Kleopatra it does not create armored key(neither private not public) , or at least I do not see such BEGIN PGP...line. Looks like the key itself is encrpted . Any idea how to deal with this ?

Screenshot below.

amit777
Participant
‎12-23-2021 2:56 PM
0 Kudos

Hi Sriprasad .

Thanks it worked. I was not able to see the armored text because I had exported the keys with .pgp format . I reimported the keys and exported them as .asc, when I did that I could see content of the keys in proper format with –BEGIN PGP PRIVATE KEY BLOCK—–” etc.

Then I copied and pasted the two keys back to back and saved as secring.asc and imported in CPI. Now CPI is able to decrypt.

Answers (1)

Answers (1)

Sriprasadsbhat
Active Contributor
‎12-23-2021 2:03 PM
0 Kudos

Hello Dilip,

Below should help you to achieve the same.

https://blogs.sap.com/2020/08/27/multiple-pgp-secrets-in-sap-cloud-integration/

Regards,

Sriprasad Shivaram Bhat

Show replies
Show replies
Ask a Question